SECURITY  AND  FREEDOM  THROUGH  ENCRYPTION 

(SAFE)  ACT 

Y  4.  J  89/1: 104/100 

HEARING 

BEFORE  THE 

COMMITTEE  ON  THE  JUDICIARY 
HOUSE  OF  REPRESENTATIVES 

ONE  HUNDRED  FOURTH  CONGRESS 

SECOND  SESSION 
ON 

H.R.  3011 

SECURITY  AND  FREEDOM  THROUGH  ENCRYPTION  (SAFE)  ACT 


SEPTEMBER  25,  1996 


Serial  No.  100 



Printed  for  the  use  of  the  Committee  on  the  Judiciary 


U.S.   GOVERNMENT  PRINTING  OFFICE 
36-300  CC  WASHINGTON  :  1996


For  sale  by  the  U.S.  Government  Printing  Office 
Superintendent  of  Documents,  Congressional  Sales  Office,  Washington,  DC  20402 
ISBN  0-16-053944-7 


COMMITTEE  ON  THE  JUDICIARY 
HENRY  J.  HYDE,  Illinois,  Chairman 


CARLOS  J.  MOORHEAD,  California 
F.  JAMES  SENSENBRENNER,  Jr.,  Wisconsin
BILL  McCOLLUM,  Florida 
GEORGE  W.  GEKAS,  Pennsylvania 
HOWARD  COBLE,  North  Carolina 
LAMAR  SMITH,  Texas 
STEVEN  SCHIFF,  New  Mexico 
ELTON  GALLEGLY,  California 
CHARLES  T.  CANADY,  Florida 
BOB  INGLIS,  South  Carolina 
BOB  GOODLATTE,  Virginia 
STEPHEN  E.  BUYER,  Indiana 
MARTIN  R.  HOKE,  Ohio 
SONNY  BONO,  California
FRED  HEINEMAN,  North  Carolina 
ED  BRYANT,  Tennessee 
STEVE  CHABOT,  Ohio 
MICHAEL  PATRICK  FLANAGAN,  Illinois
BOB  BARR,  Georgia 


JOHN  CONYERS,  Jr.,  Michigan 
PATRICIA  SCHROEDER,  Colorado 
BARNEY  FRANK,  Massachusetts 
CHARLES  E.  SCHUMER,  New  York 
HOWARD  L.  BERMAN,  California
RICK  BOUCHER,  Virginia 
JOHN  BRYANT,  Texas 
JACK  REED,  Rhode  Island 
JERROLD  NADLER,  New  York 
ROBERT  C.  SCOTT,  Virginia 
MELVIN  L.  WATT,  North  Carolina 
XAVIER  BECERRA,  California 
ZOE  LOFGREN,  California
SHEILA  JACKSON  LEE,  Texas
MAXINE  WATERS,  California


Alan  F.  Coffey,  Jr.,  General  Counsel  / Staff  Director 
Julian  Epstein,  Minority  Staff  Director 



CONTENTS

HEARING DATE

September 25, 1996

TEXT OF BILL

H.R. 3011

OPENING STATEMENT

Hyde, Hon. Henry J., a Representative in Congress from the State of Illinois,
and chairman, Committee on the Judiciary

WITNESSES

Brown, Melinda, vice president and general counsel, Lotus Development
Corp., on behalf of the Business Software Alliance

Crowell, William P., Deputy Director, National Security Agency

Deneka, Dr. Charles W., chief technical officer, Corning, Inc., on behalf of
the National Association of Manufacturers

Goodlatte, Hon. Bob, a Representative in Congress from the State of Virginia

Gorelick, Jamie S., Deputy Attorney General, Department of Justice

Katz, Roberta R., senior vice president, general counsel and secretary,
Netscape Communications Corp.

Reinsch, William A., Under Secretary, Bureau of Export Administration,
Department of Commerce

Ripley, Patricia, managing director, Bear, Stearns & Co., Inc.

LETTERS, STATEMENTS, ETC., SUBMITTED FOR THE HEARING

Brown, Melinda, vice president and general counsel, Lotus Development
Corp., on behalf of the Business Software Alliance: Prepared statement

Crowell, William P., Deputy Director, National Security Agency: Prepared
statement

Deneka, Dr. Charles W., chief technical officer, Corning, Inc., on behalf of
the National Association of Manufacturers: Prepared statement

Goodlatte, Hon. Bob, a Representative in Congress from the State of Virginia:
Prepared statement

Gorelick, Jamie S., Deputy Attorney General, Department of Justice:
Prepared statement

Hyde, Hon. Henry J., a Representative in Congress from the State of Illinois,
and chairman, Committee on the Judiciary: Opening statement

Jackson Lee, Hon. Sheila, a Representative in Congress from the State of
Texas: Prepared statement

Katz, Roberta R., senior vice president, general counsel, and secretary,
Netscape Communications Corp.: Prepared statement

Lofgren, Hon. Zoe, a Representative in Congress from the State of California:
Prepared statement

Ripley, Patricia, managing director, Bear, Stearns & Co., Inc.: Prepared
statement

APPENDIX

Material submitted for the hearing


SECURITY  AND  FREEDOM  THROUGH 
ENCRYPTION  (SAFE)  ACT 


WEDNESDAY,  SEPTEMBER  25,  1996 

House  of  Representatives, 
Committee  on  the  Judiciary, 

Washington,  DC. 
The committee met, pursuant to notice, at 9:44 a.m., in room
2141, Rayburn House Office Building, Hon. Henry J. Hyde (chairman
of the committee) presiding.

Present:  Representatives  Henry  J.  Hyde,  Charles  T.  Canady,  Bob 
Inglis,  Bob  Goodlatte,  Sonny  Bono,  Ed  Bryant  of  Tennessee,  Steve 
Chabot,  Michael  Patrick  Flanagan,  John  Conyers,  Jr.,  John  Bryant 
of  Texas,  Robert  C.  Scott,  Zoe  Lofgren,  and  Sheila  Jackson  Lee. 

Also  present:  Joseph  Gibson,  counsel;  Kenny  Prater,  clerk;  and 
John  Flannery,  minority  special  counsel. 

OPENING  STATEMENT  OF  CHAIRMAN  HYDE 

Mr.  Hyde.  The  committee  will  come  to  order. 

Today the committee considers H.R. 3011, the Security and Freedom
Through Encryption (SAFE) Act. Encryption is the process of
encoding data or communications in a form that only the intended
recipient can understand. Once the exclusive domain of the national
security agencies, encryption has become increasingly important
to persons and companies in the private sector; for example,
to protect intellectual property and other forms of proprietary
information that are stored and transmitted in digital formats.

The encryption debate encompasses two main issues. The first is
whether there should be any restrictions on the domestic use and
sale of encryption technology and, in particular, whether domestic
users must place their keys in escrow with the Government or
some neutral third party. Current law does not have any such
restrictions. The second issue is whether there should be restrictions
on the export of encryption technology. Current law regulates the
export of encryption technology in the same manner as military
technology. To date, the State Department has generally only
allowed the export of relatively weak encryption technology.

With respect to the domestic use of encryption, the administration
generally favors a key escrow system, and its representatives
will explain more about this proposal shortly. The law enforcement
and national security agencies believe that a key escrow system is
necessary to maintain their ability to perform lawful wiretaps and
to read computer data obtained through lawful means.

The computer industry, the larger business community, and privacy
groups oppose any mandatory key escrow system. They believe
that a mandatory system would unnecessarily invade the privacy
of users and that law enforcement can solve its problems by
acquiring better technology to decode encrypted materials. They
argue that the benefits of preventing crime through the widespread
use of encryption outweigh any harm to law enforcement caused by
that use.

With  respect  to  the  export  control  issue,  the  administration  has 
to  date  generally  opposed  the  lifting  of  the  current  export  controls. 
It  argues  that  the  controls  are  still  effective  and  that  our  allies 
would  be  distressed  about  the  damage  to  law  enforcement  efforts 
if  we  lifted  the  controls. 

The computer industry and the privacy groups argue that the
controls ought to be substantially relaxed, if not eliminated. They
argue that the controls are easily evaded because many encryption
products are already available to anyone over the Internet, and
because it is legal for anyone to come into the United States, buy
encryption products, and take them out of the country. If the
situation does not change, they believe that Americans will no longer
dominate this field.

[The  bill,  H.R.  3011,  follows:] 


104th CONGRESS
2d Session

H.R. 3011


To  amend  title  18,  United  States  Code,  to  affirm  the  rights  of  United 
States  persons  to  use  and  sell  encryption  and  to  relax  export  controls 
on  encryption. 


IN  THE  HOUSE  OF  REPRESENTATIVES 

March 5, 1996

Mr. Goodlatte (for himself, Mr. DeLay, Mr. Boehner, Mr. Moorhead,
Mrs. Schroeder, Mr. Gejdenson, Mr. Manzullo, Mr. Coble, Mr.
Barr of Georgia, Mr. Bono, Ms. Lofgren, Mr. Campbell, Ms. Eshoo,
Mr. Doolittle, Mr. Farr of California, Mr. McKeon, Mr. Engel,
Mrs. Waldholtz, Mr. Ewing, Mr. Mica, Mr. Chambliss, Mr. Everett,
Mr. Ehlers, Mr. Orton, Mr. Matsui, Mr. Boucher, Mr.
Chabot, Mr. Moakley, and Mr. Bartlett of Maryland) introduced the
following bill; which was referred to the Committee on the Judiciary, and
in addition to the Committee on International Relations, for a period to
be subsequently determined by the Speaker, in each case for
consideration of such provisions as fall within the jurisdiction of the
committee concerned


A  BILL 

To  amend  title  18,  United  States  Code,  to  affirm  the  rights 
of  United  States  persons  to  use  and  sell  encryption  and 
to  relax  export  controls  on  encryption. 

Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the "Security and Freedom Through
Encryption (SAFE) Act".

SEC. 2. SALE AND USE OF ENCRYPTION.

(a) In General. — Part I of title 18, United States Code, is amended
by inserting after chapter 121 the following new chapter:

"CHAPTER 122 — ENCRYPTED WIRE AND ELECTRONIC INFORMATION

"2801.  Definitions. 

"2802.  Freedom  to  use  encryption. 

"2803.  Freedom  to  sell  encryption. 

"2804.  Prohibition  on  mandatory  key  escrow. 

"2805.  Unlawful  use  of  encryption  in  furtherance  of  a  criminal  act. 

"§ 2801. Definitions

"As used in this chapter —

"(1) the terms 'person', 'State', 'wire communication', 'electronic
communication', 'investigative or law enforcement officer', 'judge of
competent jurisdiction', and 'electronic storage' have the meanings
given those terms in section 2510 of this title;

"(2) the terms 'encrypt' and 'encryption' refer to the scrambling of
wire or electronic information using mathematical formulas or
algorithms in order to preserve the confidentiality, integrity, or
authenticity of, and prevent unauthorized recipients from accessing
or altering, such information;

"(3) the term 'key' means the variable information used in a
mathematical formula, code, or algorithm, or any component thereof,
used to decrypt wire or electronic information that has been
encrypted; and

"(4) the term 'United States person' means —

"(A) any United States citizen;

"(B) any other person organized under the laws of any State, the
District of Columbia, or any commonwealth, territory, or possession
of the United States; and

"(C) any person organized under the laws of any foreign country who
is owned or controlled by individuals or persons described in
subparagraphs (A) and (B).

"§ 2802. Freedom to use encryption

"Subject to section 2805, it shall be lawful for any person within
any State, and for any United States person in a foreign country, to
use any encryption, regardless of the encryption algorithm selected,
encryption key length chosen, or implementation technique or medium
used.

"§ 2803. Freedom to sell encryption

"Subject to section 2805, it shall be lawful for any person within
any State to sell in interstate commerce any encryption, regardless
of the encryption algorithm selected, encryption key length chosen,
or implementation technique or medium used.

"§ 2804. Prohibition on mandatory key escrow

"(a) Prohibition. — No person in lawful possession of a key to
encrypted information may be required by Federal or State law to
relinquish to another person control of that key.

"(b) Exception for Access for Law Enforcement Purposes. —
Subsection (a) shall not affect the authority of any investigative
or law enforcement officer, acting under any law in effect on the
effective date of this chapter, to gain access to encrypted
information.

"§ 2805. Unlawful use of encryption in furtherance of a criminal act

"Any person who willfully uses encryption in furtherance of the
commission of a criminal offense for which the person may be
prosecuted in a court of competent jurisdiction —

"(1) in the case of a first offense under this section, shall be
imprisoned for not more than 5 years, or fined in the amount set
forth in this title, or both; and

"(2) in the case of a second or subsequent offense under this
section, shall be imprisoned for not more than 10 years, or fined in
the amount set forth in this title, or both.".

(b) Conforming Amendment. — The table of chapters for part I of
title 18, United States Code, is amended by inserting after the item
relating to chapter 33 the following new item:

"122. Encrypted wire and electronic information 2801".

SEC. 3. EXPORTS OF ENCRYPTION.

(a) Amendment to Export Administration Act of 1979. — Section 17
of the Export Administration Act of 1979 (50 U.S.C. App. 2416) is
amended by adding at the end thereof the following new subsection:

"(g) Computers and Related Equipment.—

"(1) General rule. — Subject to paragraphs (2), (3), and (4), the
Secretary shall have exclusive authority to control exports of all
computer hardware, software, and technology for information security
(including encryption), except that which is specifically designed
or modified for military use, including command, control, and
intelligence applications.

"(2) Items not requiring licenses. — No validated license may be
required, except pursuant to the Trading With The Enemy Act or the
International Emergency Economic Powers Act (but only to the extent
that the authority of such Act is not exercised to extend controls
imposed under this Act), for the export or reexport of —

"(A) any software, including software with encryption capabilities —

"(i) that is generally available, as is, and is designed for
installation by the purchaser; or

"(ii) that is in the public domain for which copyright or other
protection is not available under title 17, United States Code, or
that is available to the public because it is generally accessible
to the interested public in any form; or

"(B) any computing device solely because it incorporates or employs
in any form software (including software with encryption
capabilities) exempted from any requirement for a validated license
under subparagraph (A).

"(3) Software with encryption capabilities. — The Secretary shall
authorize the export or reexport of software with encryption
capabilities for nonmilitary end-uses in any country to which
exports of software of similar capability are permitted for use by
financial institutions not controlled in fact by United States
persons, unless there is substantial evidence that such software
will be —

"(A) diverted to a military end-use or an end-use supporting
international terrorism;

"(B) modified for military or terrorist end-use; or

"(C) reexported without any authorization by the United States that
may be required under this Act.

"(4) Hardware with encryption capabilities. — The Secretary shall
authorize the export or reexport of computer hardware with
encryption capabilities if the Secretary determines that a product
offering comparable security is commercially available outside the
United States from a foreign supplier, without effective
restrictions.

"(5) Definitions. — As used in this subsection —

"(A) the term 'encryption' means the scrambling of wire or
electronic information using mathematical formulas or algorithms in
order to preserve the confidentiality, integrity, or authenticity
of, and prevent unauthorized recipients from accessing or altering,
such information;

"(B) the term 'generally available' means, in the case of software
(including software with encryption capabilities), software that is
offered for sale, license, or transfer to any person without
restriction, whether or not for consideration, including, but not
limited to, over-the-counter retail sales, mail order transactions,
phone order transactions, electronic distribution, or sale on
approval;

"(C) the term 'as is' means, in the case of software (including
software with encryption capabilities), a software program that is
not designed, developed, or tailored by the software publisher for
specific purchasers, except that such purchasers may supply certain
installation parameters needed by the software program to function
properly with the purchaser's system and may customize the software
program by choosing among options contained in the software program;

"(D) the term 'is designed for installation by the purchaser' means,
in the case of software (including software with encryption
capabilities) that —

"(i) the software publisher intends for the purchaser (including any
licensee or transferee), who may not be the actual program user, to
install the software program on a computing device and has supplied
the necessary instructions to do so, except that the publisher may
also provide telephone help line services for software installation,
electronic transmission, or basic operations; and

"(ii) the software program is designed for installation by the
purchaser without further substantial support by the supplier;

"(E) the term 'computing device' means a device which incorporates
one or more microprocessor-based central processing units that can
accept, store, process, or provide output of data; and

"(F) the term 'computer hardware', when used in conjunction with
information security, includes, but is not limited to, computer
systems, equipment, application-specific assemblies, modules, and
integrated circuits.".

(b) Continuation of Export Administration Act. — For purposes of
carrying out the amendment made by subsection (a), the Export
Administration Act of 1979 shall be deemed to be in effect.

Mr.  Hyde.  Now  we  have  a  number  of  excellent  witnesses  with  us 
today,  and  I  look  forward  to  hearing  from  them. 
[The  opening  statement  of  Mr.  Hyde  follows:] 

Opening  Statement  of  Hon.  Henry  J.  Hyde,  a  Representative  in  Congress 
From  the  State  of  Illinois,  and  Chairman,  Committee  on  the  Judiciary 

Today  the  Committee  considers  H.R.  3011,  the  "Security  and  Freedom  Through 
Encryption  Act." 

Encryption is the process of encoding data or communications in a form that only
the intended recipient can understand. Once the exclusive domain of the national
security agencies, encryption has become increasingly important to persons and
companies in the private sector — for example, to protect intellectual property and
other forms of proprietary information that are stored and transmitted in digital
formats.

The encryption debate encompasses two main issues. The first is whether there
should be any restrictions on the domestic use and sale of encryption technology,
and in particular, whether domestic users must place their keys in escrow with the
government or some neutral third party. Current law does not have any such
restrictions.

The second issue is whether there should be restrictions on the export of
encryption technology. Current law regulates the export of encryption technology in
the same manner as military technology. To date, the State Department has
generally only allowed the export of relatively weak encryption technology.

With respect to the domestic use of encryption, the Administration generally
favors a key escrow system, and its representatives will explain more about this
proposal shortly. The law enforcement and national security agencies believe that a key
escrow system is necessary to maintain their ability to perform lawful wiretaps and
to read computer data obtained through lawful means.

The computer industry, the larger business community, and privacy groups
oppose any mandatory key escrow system. They believe that a mandatory system
would unnecessarily invade the privacy of users and that law enforcement can solve
its problems by acquiring better technology to decode encrypted materials. They
argue that the benefits of preventing crime through the widespread use of
encryption outweigh any harm to law enforcement caused by that use.

With respect to the export control issue, the Administration has to date generally
opposed the lifting of the current export controls. It argues that the controls are still
effective and that our allies would be distressed about the damage to law
enforcement efforts if we lifted the controls.

The computer industry and the privacy groups argue that the controls ought to
be substantially relaxed, if not eliminated. They argue that the controls are easily
evaded because many encryption products are already available to anyone over the
Internet and because it is legal for anyone to come into the United States, buy
encryption products, and take them out of the country. If the situation does not
change, they believe that Americans will no longer dominate this field.

We have a number of excellent witnesses with us today, and I look forward to
hearing from all of them. I will now recognize Mr. Conyers for an opening
statement. If other members have opening statements, they will be placed in the record.
We have a number of witnesses this morning, so your cooperation in moving the
hearing along is appreciated.

Mr. Hyde. I now recognize Mr. Conyers. Does Mr. Conyers — you
will have an opening statement?

Ms. Lofgren. Yes, Mr. Chairman.

Mr.  Hyde.  All  right.  I'll  recognize  the  gentlelady  from  California, 
Ms.  Lofgren,  for  an  opening  statement,  and  if  other  members  have 
opening  statements,  they  will  be  placed  in  the  record.  We  have  a 
number  of  witnesses  this  morning,  so  your  cooperation  in  moving 
the  hearing  along  is  appreciated.  The  Chair  recognizes  the 
gentlelady  from  California,  Ms.  Lofgren. 

Ms.  Lofgren.  Thank  you,  Mr.  Chairman.  I  do  have  a  written 
statement  for  the  hearing  record,  but  I  would  like  to  say,  first,  a 
"thanks"  to  the  committee  for  having  this  hearing  today. 


This is an issue that, I think, is enormously important to the
economic well-being of the United States and, unfortunately, too much
of the discussion has been held behind closed doors when really it
needs to be discussed publicly, as the NRC Report delivered earlier
this year indicated. I'd like to also give credit to Congressman
Goodlatte for his leadership in introducing the bill, which I am a
proud cosponsor of, and just say that I hope this is the beginning
of changing a very wrong-headed policy.

This can be done administratively, if possible legislatively, if
required. But what we are doing now as a Nation is clearly not
workable, and I say that not with disdain for the legitimate hopes and
responsibilities of law enforcement, which has an important job to
do for our country, but just in recognition of the market conditions
that really will overwhelm the issues that I think law enforcement
is really concerned about.

For  us  to  control  beyond  DES,  when  triple-DES,  is  coming 
throughout  the  Nation,  for  us  to  cripple  our  domestic  producers  of 
encryption  when  IDEA-based  encryption  is  available  for  free  to  any 
person  who  has  Internet  access  through  Pretty  Good  Privacy,  I 
think  is  rather  ludicrous.  I  think  we  would  be  well-advised  for  our 
domestic  law  enforcement  and  industry  to  sit  down  together  and 
discuss  what  is  needed  to  pursue  our  mutual  goals  of  having  a  safe 
and  free  society. 

The current approach, however, will lead to failure in law
enforcement and, unfortunately, I think we are getting close to real
damage to high-tech industries in this country. We know already
that Japan is moving forward aggressively on competing technology
that it is beginning to widely export, along with companies in
Germany and Europe and elsewhere. I know that there is hope that
somehow key escrow can be agreed upon to prevent harm to law
enforcement and national security, and although I certainly
understand that that is a dream of law enforcement, I think it is only
that — a dream.

We have individuals capable of producing this technology in
companies throughout the world. It's very clear to me that, at least
from what I've been able to discover, we have not yet seen India,
Pakistan, and Japan leaping forward to embrace key escrow
technology, nor do customers worldwide find that acceptable. And so I
think in the end our policy will only cripple an important domestic
industry — and I mean not just software, but hardware and a whole
high-tech base that has really pushed our economy forward — while
doing nothing to really achieve the law enforcement goals, which
I do very much respect.

So  with  that,  Mr.  Chairman,  I  appreciate  your  recognizing  me, 
and  I  will  give  my  written  statement  to  the  clerk. 

[The  prepared  statement  of  Ms.  Lofgren  follows:] 

Prepared  Statement  of  Hon.  Zoe  Lofgren,  a  Representative  in  Congress 
From  the  State  of  California 

First, I would like to thank the Chairman for holding this hearing, and to praise
Congressman Goodlatte for his efforts to try to create sensible national encryption
policies that will foster America's technological development and economic
supremacy.

Until recently, the United States was the world leader in the development of
encryption technology, with much of it produced in Silicon Valley, my home. It
would seem to follow that American companies would be, and would continue to be,
dominant in the global market for encryption and encryption-protected products.
However, due to a myopic Federal government policy regulating this technology, our
country risks losing its advantage in this vital industry; many within the industry
believe that we are already down that path.

Export  controls,  implemented  before  the  advent  of  high  performance  computing, 
prevent  American  companies  from  exporting  the  strongest  encryption  available  on 
the  world  market,  and  from  utilizing  it  in  computer  software  and  hardware  that 
they  sell  overseas. 

This export policy has placed the U.S. encryption industry, and the broader high
tech industry, in peril. If the United States cedes the overseas encryption market
to foreign suppliers, our domestic encryption technology producers will eventually
be driven out of business or offshore. In addition, our entire computer and
technology industry would be seriously impaired.

Computer hardware and software producers are barred from exporting
information systems integrated with powerful encryption, but their international customers
want this technology to secure their proprietary information. Potential overseas
purchasers are thus required to either purchase U.S. products with inferior encryption,
or to look to non-American suppliers, who are becoming more plentiful each year.
Obviously, this is an entirely untenable situation for our high tech exporters.

The  problem  also  extends  to  the  domestic  market  because  it  is  generally  not  fea- 
sible for  technology  companies,  which  have  very  short  product  lives  (typically  12  to 
24  months),  to  develop  two  products  simultaneously:  one  for  export  and  another  for 
domestic  sale.  Therefore,  domestic  users  are  also  generally  deprived  of  the  best  cryp- 
tographic products,  made  by  American  companies,  and  must  also  purchase  foreign 
products. 

The  estimated  losses  to  the  U.S.  information  industry  could  reach  as  high  as  30 
to 60 billion dollars annually by the year 2000. These estimates do not even fully
account  for  the  lost  potential  of  other  international  electronic  commerce  over  the 
Internet,  and  the  effect  that  the  aforementioned  circumstances  could  have  on  U.S. 
companies  that  want  to  participate  in  this  potentially  enormous  market. 

I understand the government's desire to have access to electronic files and to monitor
electronic communications that could be encrypted. However, I believe that it
is time for the government to recognize that superior encryption products are already
widely available and being sold by overseas competitors, and that the current
controls only hurt American industry, without furthering law enforcement and national
security goals.

In  her  July  15th  letter  to  me,  Deputy  Attorney  General  Gorelick  argued  that  the 
assertion  that  "the  genie  is  already  out  of  the  bottle"  for  strong  cryptography  is  not 
borne  out  by  the  current  availability  of  products  overseas.  Even  if  this  were  true, 
and  the  evidence  seems  to  say  otherwise,  it  is  indisputable  that  the  science  behind 
strong  cryptography  is  well  known,  and  has  been  widely  discussed  in  academic  lit- 
erature distributed  all  over  the  globe.  If  these  products  are  not  currently  available, 
and  some  of  them  can  be  downloaded  off  of  the  Internet  right  now,  then  they  cer- 
tainly will  be  in  a  very  short  period  of  time. 

The Deputy Attorney General also argues that the United States, combined with
its allies, can control the world encryption market and can coordinate the implementation
of an international "key escrow" regime. Notwithstanding the absence of any
demonstrable progress toward such an agreement, the aspirations for a comprehensive
global key escrow scheme ignore the undeniable power of market demand for
cryptographic products that do not incorporate any form of escrow. The customers
that purchase encryption products do not want products with escrowed keys, and
if U.S. suppliers are forbidden to supply these products, then someone else undoubtedly
will. Whatever hopes we may have for an international system of key escrow,
we will never achieve 100 percent participation, and those who do not participate
will profit heavily at our expense.

Rather than continuing to pursue this flawed and unworkable policy, I would urge
the national security and law enforcement community to assume a cooperative posture
with our domestic technology industry, and utilize the minds of the foremost
scientists in the world to pursue technological answers to their national security and
law enforcement concerns. While we have probably lost much of our ability to monitor
the totality of digital communications and data, with the assistance of the private
sector the U.S. government could have the most potent decoding tools available
in the world.

In order to reverse current government encryption policy, Congressman Goodlatte,
along with myself and several other Members of the Committee, introduced H.R.
3011, the Security and Freedom Through Encryption (SAFE) Act, which would recognize
the rights of Americans to use encryption, to sell it domestically, and to liberalize
export controls on generally available encryption technology. While I am disappointed
that the 104th Congress will not act on this issue, I am hopeful that this
Committee will give prompt consideration to this important legislation early in the
next Congress and that the President will sign it into law before our technology industry
suffers irreparable harm.

Mr.  Hyde.  I  thank  the  gentlelady. 

Does  the  gentlelady  from  Texas  seek  recognition? 

Ms.  Jackson  Lee.  I  do,  Mr.  Chairman.  I'd  like  unanimous  con- 
sent to  submit  my  entire  statement  for  the  record. 

Mr.  Hyde.  Without  objection,  so  ordered. 

Ms.  Jackson  Lee.  Thank  you  very  much. 

I  briefly  wanted  to  comment  on  the  importance  of  this  hearing, 
recognizing  that  in  times  past  it  was  only  spies  that  were  con- 
cerned with  coded  messages,  with  what  the  experts  now  call  cryp- 
tography. But,  unfortunately,  or  maybe  fortunately,  now  that  we've 
moved  into  the  information  age,  that  is  not  the  only  concern  that 
we  have.  Now  confidential  information,  including  private  medical 
records,  credit  information,  and  all  manner  of  financial  reports  are 
reduced  to  electronic  packets  of  information  that  flow  in  a  stream 
of  electrons  through  computer  networks  from  one  location  to  an- 
other. Hackers  and  other  intruders,  though  they  have  no  right  to 
do  so,  reach  into  this  information  stream  and  extract  our  secrets, 
and  they  don't  just  invade  our  privacy;  they  cost  us  money. 

So  with  that,  I  raise  concerns  about  these  unconsented  invasions 
costing  our  privacy  and  financial  resources  that  will  multiply  in  the 
future,  rather  than  diminish.  Industry  studies  indicate  that  more 
employees  at  all  corporate  levels  now  have  access  to  corporate  in- 
formation systems.  It  is  discouraging  that  many  more  hackers  are 
penetrating  those  corporate  computer  systems  every  year. 

Many  of  us  recall,  of  course,  the  early  stages  of  hacker  use  and 
the  excitement  that  we  would  hear  when  hackers  would  invade,  for 
example,  the  Defense  Department  and  activities  that  the  Govern- 
ment was  involved  in.  Notably,  the  Federal  Government,  then,  is 
not  immune.  Last  year  about  250,000  hackers  attacked  the  Penta- 
gon's unclassified  computers — and  you  may  find  this  startling — 
about  160,000  of  them  succeeded  and  actually  got  into  the  Penta- 
gon files. 

Let  me  say,  however,  as  I  listen  to  the  proceedings  this  morning, 
I'll  be  very  concerned  to  balance  both  the  need  for  protection  along 
with  the  needs  for  recognizing  free  enterprise  and  the  value  of  the 
information  age.  I'll  remain  open  to  the  hearing  proceeding  before 
us  and  would  consider  that  we  balance  the  needs  for  protection  and 
privacy  with,  of  course,  our  concern  with  the  Bill  of  Rights  and  free 
speech  and  free  access. 

With  that,  Mr.  Chairman,  I'll  yield  back  the  balance  of  my  time 
and,  again,  will  submit  a  more  complete  statement  for  the  record. 

[The  prepared  statement  of  Ms.  Jackson  Lee  follows:] 

Prepared  Statement  of  Hon.  Sheila  Jackson  Lee,  a  Representative  in 
Congress  From  the  State  of  Texas 

I  would  thank  Chairman  Hyde  for  convening  this  hearing  on  an  important  issue 
that  will  confront  our  society  as  we  continue  to  make  technological  advancements. 
I  think  that  it  is  important  we  carefully  examine  the  provisions  of  H.R.  3011,  the 
Security  and  Freedom  Through  Encryption  Act. 

Encryption secures messages sent by computer by scrambling the data so that it
can only be read by the person applied a particular formula. This legislation amends
the federal criminal code to permit any person within a state and American in a
foreign country to use any encryption method as long as there is no unlawful use of
encryption to further a criminal act.

The  bill  also  addresses  the  trade  restrictions  employed  on  this  technology  because 
of  its  use  by  the  Department  of  Defense  and  intelligence  agencies.  For  many  years, 
encryption  technology  has  been  closed  to  private  industry. 

Since we are near the end of the session, we will not be able to mark up this bill
but  it  is  important  that  we  hold  this  hearing  and  learn  more  about  this  issue.  I  ap- 
preciate the  witnesses  appearing  before  the  committee  today  and  I  look  forward  to 
their  testimony. 

Mr.  Hyde.  I  thank  the  gentlelady. 

Does  the  gentleman  from  Michigan  desire  to  be  recognized? 

Mr. Conyers. Could I reserve, Mr. Chairman, for a few minutes?

Mr.  Hyde.  Surely. 

Mr. Conyers. Thank you very much.

Mr.  Hyde.  Does  anybody  else  have  an  opening  statement?  Any 
statements  that  you  choose  to  have  entered  into  the  record  will  be 
entered  into  the  record. 

And so, our first panel this morning consists of our very good
friend and Judiciary Committee colleague, Bob Goodlatte, who represents
the Sixth District of Virginia. He is the chief sponsor of
H.R. 3011, the bill before us this morning. He has worked long and
he has worked hard on this issue, and we appreciate his efforts to
bring this important subject to our attention. We look forward to
his testimony.

Mr.  Goodlatte. 

STATEMENT  OF  HON.  BOB  GOODLATTE,  A  REPRESENTATIVE 
IN  CONGRESS  FROM  THE  STATE  OF  VIRGINIA 

Mr.  Goodlatte.  Mr.  Chairman,  thank  you  very  much  for  holding 
today's  hearing  on  my  legislation,  the  Security  and  Freedom 
Through  Encryption  Act,  which  has  45  cosponsors,  including  many 
members  of  this  committee,  both  Republicans  and  Democrats. 

Although  the  session  is  quickly  coming  to  a  close,  this  is  a  very 
valuable  opportunity  for  members  of  this  committee  to  learn  more 
about  this  complicated  issue  of  encryption  policy.  I  have  a  state- 
ment to  submit  for  the  record,  and  I  will  not  read  all  of  it,  but 
would  like  to  make  that  a  part  of  the  record. 

Mr.  Hyde.  Without  objection,  so  ordered. 

Mr.  Goodlatte.  I  will  begin  by  stating  from  the  outset  that  I, 
like  every  other  member  of  this  committee,  am  100  percent  commit- 
ted to  giving  law  enforcement  the  tools  they  need  to  fight  crime, 
including  domestic  and  international  terrorism.  This  is  a  respon- 
sibility that  each  one  of  us  takes  extremely  seriously.  Not  one  of 
us  would  support  policy  changes  that  jeopardize  public  safety  or 
national  security. 

I also believe, however, that the chief roadblock to electronic
commerce on the Internet is Government regulation of encryption.
No matter how badly policymakers wish and want the global information
infrastructure to be successful, it won't flourish until this
roadblock is removed.

Mr. Chairman, the goals of ensuring the availability of strong
encryption and of ensuring that law enforcement can continue to
be effective are not mutually exclusive. We can do both. The threat
of economic espionage is very real for American businesses. Strong
encryption will allow American businesses to protect themselves
from this threat. American firms currently lose billions of dollars
each year due to theft of proprietary economic information. That
threat grows exponentially with the growth of digital commerce.
The lack of good encryption leaves computer users vulnerable to
the prying eyes of hackers, corporate competitors, and even foreign
governments.

The Computer Emergency Response Team, known as CERT,
based at the Carnegie Mellon University in Pittsburgh, reports that
the number of reported intrusions into U.S.-based computer systems
rose from 773 in 1992 to more than 2,300 in 1994, a 197 percent
increase in 2 years. Additionally, CERT reported the number
of sites attacked rose more than 89 percent during the same period.
Once into a computer system, hackers have the ability to steal,
modify, or destroy sensitive data; thus, the potential costs to business
are staggering.

It just seems logical that if encryption technology is available to
protect information being sent on electronic networks, people ought
to be able to use that technology. I have learned in numerous meetings
I have had with administration officials on this issue that they
view the situation quite differently. For instance, I have been told
by officials at the FBI that export controls are a means to keep domestic
users from getting strong encryption. The administration is
using export controls to shape what encryption technology is used
internationally, and, by extension, what is available in the United
States. That threat should strike fear in the heart of every single
computer user in this country, and it just won't work.

I've said it before and I'll say it again: law enforcement just can't
put the technological genie back into the bottle. Foreign competitors
are selling strong and good encryption, and criminals and
international terrorists are going to have access to that strong
encryption. Studies show the availability of over 500 foreign products
and programs with strong encryption capabilities, much
stronger than U.S. companies can export. In addition, encryption
programs of up to 128 bits, such as Pretty Good Encryption, can
be downloaded from the Internet. U.S. export controls simply will
not keep encryption out of the hands of people who want to use it
for criminal purposes. The days when U.S. export controls could effectively
limit the foreign availability of encryption are long gone.
Any criminal who has a computer and a modem can obtain strong
security.

I  applaud  the  administration  for  looking  at  this  issue  and  realiz- 
ing that  we  must  move  toward  a  liberalization  of  our  export  con- 
trols. However,  from  the  discussions  I've  had  with  administration 
officials  and  from  press  reports  of  the  latest  soon-to-be-released 
encryption  proposal,  I  believe  the  administration  may  be  going 
down  the  wrong  path. 

Earlier this year, the National Research Council released a report
advocating that the administration immediately liberalize export
controls on encryption to 56 bits without implementing a key
escrow plan, which they said would not work. This report was very
good news for those of us who have been supporting such a move.
From information that I have gathered in my meetings with administration
officials and in recent press reports, I do not believe
that the administration is prepared to follow the recommendation
of the NRC report. It is my understanding that the administration
is proposing a, quote, "key recovery" plan and allowing encryption
exports of up to 56 bits only if companies commit to implement key
recovery. That is very bad news.

The  arguments  that  the  FBI,  CIA,  and  NSA  have  given  me  to 
justify  the  need  for  a  massive  key  escrow,  or  now  it  is  called  key 
recovery  plan,  just  don't  ring  true  in  1996.  They  have  stated  that 
they  cannot  effectively  crack  56-bit  DES  encryption,  yet  a  recent 
report  from  a  group  of  cryptography  experts  demonstrates  that  the 
Government  can  crack  a  message  encoded  with  40  bits  of 
encryption — the  current  export  allowed  level — in  two  ten-thou- 
sandths of  a  second,  .0002,  for  one-tenth  of  a  penny.  They  can  crack 
56  bits  in  12  seconds  at  a  cost  of  $38.  That's  pretty  good  evidence 
that  lifting  controls  to  56  bits  DES,  or  even  stronger,  won't  prevent 
the  FBI  and  NSA  from  doing  their  jobs. 

To  slightly  change  an  old  saying  about  another  controversial 
issue,  if  you  outlaw  encryption,  only  the  outlaws  will  have 
encryption.  A  very  compelling  argument  can,  in  fact,  be  made  that 
the  use  of  encryption  will  actually  decrease  terrorism.  The  use  of 
security  on  electronic  networks  can  prevent  a  whole  new  breed  of 
terrorism.  It  could  prevent  terrorists  from  manipulating  power 
plant  operations,  or  air  traffic  control  systems,  or  even  from  chang- 
ing the  engineering  designs  of  products,  potentially  endangering  us 
all. 

Current export controls aren't succeeding in keeping encryption
products out of the hands of computer users in other countries, but
they are putting U.S. computer companies at a competitive disadvantage.
An economic study released in December 1995 by the
Department of Commerce demonstrates that failure to address
these export controls by the year 2000 will cost the U.S. economy
$60 billion and 200,000 jobs; that's the administration's own Department
of Commerce.

U.S.  computer  companies — world  leaders  in  cutting-edge  tech- 
nology— must  have  the  freedom  to  develop  products  with  strong  se- 
curity features  which  meet  computer-user  demands  and  privacy 
concerns  in  the  United  States  and  abroad.  Many  questions  remain 
unanswered  by  the  administration,  and  today  I  will  ask  them  a 
number  about  their  unreleased  proposal.  My  first  question  is,  Why 
now?  The  administration  has  been  promising  to  send  up  its 
encryption  proposal  for  months.  Why  do  they  choose  to  start  talk- 
ing about  it  the  week  before  the  Congress  is  going  out  of  session? 

Many substantive questions remain as well. Will the administration's
proposal relax exports to 56-bit DES only, or to other algorithm
strengths? Will it apply to custom software only, or to mass
market software? Will it apply to stored data only, or stored data
and communications? Will participation be truly voluntary? Will
key recovery products be able to interoperate with nonkey recovery
products? For that matter, I will be interested to see how the term
"key recovery" is defined. If the key must be held by an agent certified
by the Government, which for the time means an approved
entity in the United States with at least some employees having secret
security clearances, the proposal will raise many crucial privacy
concerns. Such a proposal involves substantial costs, would be
a significant administrative burden for U.S. firms, and threatens
the privacy of U.S. citizens.

Mr.  Hyde.  Could  the  gentleman  bring  his  remarks  to  a  close — 
I  don't  want  to  short-circuit  him. 

Mr. Goodlatte. Sure, I'll wrap it up right now, Mr. Chairman.

This is why it is so crucial for Congress to pass legislation early
next Congress to prevent this from happening. I introduced this
legislation to protect every American's right to use and sell
encryption and protect their privacy, as well as to liberalize current
export controls. My legislation would continue to ensure that all
Americans have the right to choose any security system to protect
their confidential information, prohibit "Big Brother" from mandating
a back door into people's computer systems, make it unlawful
to use encryption in the commission of a crime or to willfully cover
up a crime, and to allow the U.S. computer industry to export
generally-available hardware and software if a product with comparable
security is commercially available from foreign suppliers.

This  legislation  has  widespread  support  from  groups  across  the 
ideological  spectrum,  including  the  American  Civil  Liberties  Union, 
Americans  for  Tax  Reform,  and  the  NRA.  As  we  enter  a  new  cen- 
tury, the  opportunities  created  by  technology  abound.  We  must  be 
willing  as  a  country  to  use  that  technology  to  achieve  success.  We 
can't  have  our  Government  holding  us  back  as  the  rest  of  the  world 
surges  forward.  Enacting  legislation  to  reform  export  controls  on 
encryption  should  be  at  the  top  of  the  list  of  the  issues  that  this 
committee  addresses  in  the  105th  Congress. 

Thank  you,  Mr.  Chairman. 

[The  prepared  statement  of  Mr.  Goodlatte  follows:] 

Prepared  Statement  of  Hon.  Bob  Goodlatte,  a  Representative  in  Congress 
From  the  State  of  Virginia 

Mr. Chairman, Thank you for holding today's hearing on my legislation, the Security
and Freedom Through Encryption Act which has 45 cosponsors, many members
of this Committee, both Republicans and Democrats.

Although the session is quickly coming to a close, this is a very valuable opportunity
for Members of this Committee to learn more about the complicated issue of
encryption policy.

I will begin by stating from the outset that I, like every other Member of this
Committee, am one-hundred percent committed to giving law enforcement the tools
they need to fight crime, including domestic and international terrorism. This is a
responsibility that each one of us takes extremely seriously. Not one of us would
support policy changes that jeopardize public safety or national security.

I also believe, however, that the chief roadblock to electronic commerce on the
Internet is government regulation of encryption. No matter how badly policy makers
wish and want the Global Information Infrastructure to be successful—it won't
flourish until this roadblock is removed.

Mr. Chairman, the goals of ensuring the availability of strong encryption and of
ensuring that law enforcement can continue to be effective are not mutually exclusive.
We can do both.

Encryption is the ability to protect stored data and information being communicated
on electronic networks. By using mathematical algorithms to encode information,
a sender can scramble information so that only the intended recipient can
decode it. Just as an individual who mails a letter today puts it in an envelope to
ensure its privacy from prying eyes, a computer user can envelop a message sent
via a computer system to ensure it won't be read by anyone who should not.

Encryption  is  a  basic  technology  that  is  in  great  demand.  Computer  users  world- 
wide want  to  be  able  to  protect  the  confidentiality  of  their  computer  communica- 
tions. 

Americans currently enjoy the right to use any level of encryption we might
choose. That is a right that I have been working to protect. However, the Administration's
antiquated export controls are jeopardizing this right. Although computer
users are demanding strong encryption, American businesses can't sell that strong
encryption outside of the United States. Foreign competitors however, aren't delaying
in developing and selling strong encryption. These foreign competitors are on the
cusp of setting the worldwide standard for encryption technology.

Now that there are more than 35 million Internet users worldwide and more than
21,000 businesses are connected to the Internet, we've already entered the era of
electronic commerce in cyberspace. And as more and more companies begin to rely
on digital commerce, efforts to protect confidential and sensitive company information
carried on this network become more important. The need for secure communications
has moved well beyond governments to the privacy concerns of average
citizens and businesses.

The  threat  of  economic  espionage  is  very  real  for  American  businesses.  Strong 
encryption  will  allow  American  businesses  to  protect  themselves  from  this  threat. 
American  firms  currently  lose  billions  of  dollars  each  year  due  to  the  theft  of  propri- 
etary economic  information.  That  threat  grows  exponentially  with  the  growth  of  dig- 
ital commerce.  The  lack  of  good  encryption  leaves  computer  users  vulnerable  to  the 
prying  eyes  of  hackers,  corporate  competitors,  and  even  foreign  governments. 

The Computer Emergency Response Team, known as CERT, based at the Carnegie
Mellon University, in Pittsburgh reports that the number of reported intrusions
into U.S. based computer systems rose from 773 in 1992 to more than 2,300 by
1994—a 197 percent increase in two years. Additionally, CERT reported the number
of sites attacked rose more than 89 percent during the same period.

Once  into  a  computer  system,  hackers  have  the  ability  to  steal,  modify,  or  destroy 
sensitive  data — thus  the  potential  costs  to  business  are  staggering. 

It just seems logical that if encryption technology is available to protect information
being sent on electronic networks, people ought to be able to use that technology.
I have learned in numerous meetings I have had with Administration officials
on this issue that they view the situation quite differently. For instance,
I have been told by officials at the FBI that export controls are a means to
keep domestic users from getting strong encryption. The Administration is using export
controls to shape what encryption technology is used internationally, and by
extension, what is available in the United States. That threat should strike fear in
the heart of every single computer user in this country and it just won't work.

I've said it before and I'll say it again—law enforcement just can't put the technological
genie back into the bottle. Foreign competitors are selling good and strong
encryption—and criminals and international terrorists are going to have access to
that strong encryption. Studies show the availability of over 500 foreign products
and programs with strong encryption capabilities—much stronger than U.S. companies
can export. In addition encryption programs up to 128 bits such as Pretty Good
Encryption can be downloaded from the Internet.

U.S.  export  controls  simply  will  not  keep  encryption  out  of  the  hands  of  people 
who  want  to  use  it  for  criminal  purposes.  The  days  when  U.S.  export  controls  could 
effectively  limit  the  foreign  availability  of  encryption  are  long  gone.  Any  criminal 
who  has  a  computer  and  a  modem  can  obtain  strong  security. 

I  applaud  the  Administration  for  looking  at  this  issue  and  realizing  that  we  must 
move  toward  a  liberalization  of  our  export  controls.  However,  from  the  discussions 
I've  had  with  Administration  officials  and  from  press  reports  of  the  latest  "soon  to 
be  released"  encryption  proposal,  I  believe  that  the  Administration  is  going  down 
the  wrong  path. 

Earlier this year the National Research Council released a report advocating that
the Administration immediately liberalize export controls on encryption to 56 bits
without implementing a "key escrow" plan which they said would not work. This
report was very good news for those of us who had been advocating such a move.
From information that I have gathered in my meetings with Administration officials
and in recent press reports, I do not believe that the Administration is prepared to
follow the recommendation in the NRC report. It is my understanding that the Administration
is proposing a "key recovery" plan and allowing encryption exports up
to 56 bits only if companies commit to implement key recovery. That is very bad
news.

The  arguments  that  the  FBI,  CIA  and  NSA  have  given  me  to  justify  the  need  for 
a  massive  "key  escrow"  or  now  it  is  called  "key  recovery"  plan  just  don't  ring  true 
in  1996.  They  have  stated  that  they  cannot  effectively  crack  56  bit  DES  encryption. 
Yet,  a  recent  report  from  a  group  of  cryptography  experts  demonstrates  that  the 
government  can  crack  a  message  encoded  with  40  bits  of  encryption  in  .0002  seconds 
for  .001  dollars.  They  can  crack  56  bits  in  12  seconds  at  a  cost  of  $38.  That's  pretty 
good  evidence  that  lifting  controls  to  56  bits  DES  or  even  stronger  won't  prevent 
the  FBI  and  NSA  from  doing  their  jobs. 



To  slightly  change  an  old  saying  about  another  controversial  issue — "if  you  outlaw 
encryption,  only  the  outlaws  will  have  encryption." 

A  very  compelling  argument  can  in  fact  be  made  that  the  use  of  encryption  will 
actually  decrease  terrorism.  The  use  of  security  on  electronic  networks  can  prevent 
a  whole  new  breed  of  terrorism.  It  could  prevent  terrorists  from  manipulating  power 
plant  operations  or  air  traffic  control  systems,  or  even  from  changing  the  engineer- 
ing designs  of  products,  potentially  endangering  us  all. 

Current  export  controls  aren't  succeeding  in  keeping  encryption  products  out  of 
the  hands  of  computer  users  in  other  countries,  but  they  are  putting  U.S.  computer 
companies  at  a  competitive  disadvantage.  An  economic  study  released  in  December 
of  1995  by  the  Department  of  Commerce  demonstrates  that  failure  to  address  these 
export  controls  by  the  year  2000  will  cost  the  U.S.  economy  $60  billion  and  200,000 
jobs. 

U.S.  computer  companies — world  leaders  in  cutting  edge  technology — must  have 
the  freedom  to  develop  products  with  strong  security  features  which  meet  computer 
user  demands  and  privacy  concerns  in  the  U.S.  and  abroad.  The  government 
shouldn't  cripple  the  computer  industry  every  time  a  new  technology  is  developed 
that  challenges  law  enforcement. 

Many questions remain unanswered by the Administration and today I will ask
them a number about their unreleased proposal. Many questions remain unanswered.
My first question is why now? The Administration has been promising to
send  up  its  encryption  proposal  for  months.  Why  do  they  choose  to  start  talking 
about  it  the  week  before  Congress  is  going  out  of  session? 

Many substantive questions remain. Will the Administration's proposal relax exports
to 56 bit DES only or to other algorithm strengths? Will it apply to custom
software only or to mass market software? Will it apply to stored data only or stored
data and communications? Will participation be truly voluntary? Will key recovery
products be able to interoperate with non-key recovery products? For that matter I
will  be  interested  to  see  how  the  term  key  recovery  is  defined.  If  the  key  must  be 
held  by  an  agent  certified  by  the  government,  which  for  the  time  means  an  approved 
entity  in  the  United  States  with  at  least  some  employees  having  secret  security 
clearances,  the  proposal  will  raise  many  crucial  privacy  concerns. 

Such  a  proposal  involves  substantial  costs,  would  be  a  significant  administrative 
burden  for  U.S.  firms,  and  threatens  the  privacy  of  U.S.  citizens. 

In addition, if this doesn't work and individuals don't voluntarily embrace key escrow
then Administration officials have said in meetings with me that they will seek
legislation  forcing  Americans  to  use  only  encryption  to  which  the  government  has 
access. 

Such  an  action  could  open  American  citizens'  and  businesses'  confidential  data 
and  valuable  proprietary  information  to  unwarranted  government  interception, 
search  and  seizure.  Law  enforcement  officials  and  FBI  agents  will  be  able  to  obtain 
access  to  financial  transactions  and  personal  correspondence. 

This represents a huge jump from the current situation since Americans can currently
use and sell whatever encryption they want without having to give the key
to anybody—much less the government. How will the government get built-in access
to Americans' electronic information? The government intends to leverage user demand
for global interoperability of computer systems; and American industry's desire
to be able to sell a single program worldwide (i.e. to export) in order to satisfy
that  demand  and  meet  foreign  competition.  Domestic  law  enforcement  agencies  and 
the  NSA  are  driving  this  initiative — they  want  access  to  encrypted  information. 

That  is  why  it  is  so  crucial  for  Congress  to  pass  legislation  early  next  Congress 
to  prevent  this  from  happening. 

I introduced the Security and Freedom Through Encryption Act (S.A.F.E.) to protect
every American's right to use and sell encryption and their privacy as well as
to  liberalize  current  export  controls.  My  legislation  would: 

Continue  to  ensure  that  all  Americans  have  the  right  to  choose  any  security 
system  to  protect  their  confidential  information. 

Prohibit "big brother" from mandating a back door into people's computer systems.

Make it unlawful to use encryption in the commission of a crime or to willfully
cover up a crime.

And  allow  the  U.S.  computer  industry  to  export  generally  available  software 
and  hardware  if  a  product  with  comparable  security  is  commercially  available 
from  foreign  suppliers. 

Similar  legislation,  PROCODE,  has  been  introduced  in  the  Senate  by  Senators 
Burns and Leahy. A series of hearings have been held on their bill in the Senate
Commerce  Committee  where  these  issues  have  been  thoroughly  debated. 


The  legislation  has  the  support  of  major  industry  groups.  Privacy  advocates  across 
the  ideological  spectrum:  not  only  such  "liberal"  groups  as  the  ACLU  and  EPIC,  but 
libertarian  and  conservative  groups  as  Americans  for  Tax  Reform,  and  the  NRA 
have  coalesced  behind  it. 

They  support  my  bill  because  the  government's  proposal  is  antimarketplace, 
anticonsumer  and  antibusiness. 

As  we  enter  a  new  century  the  opportunities  created  by  technology  abound — we 
must  be  willing  as  a  country  to  use  that  technology  to  achieve  success.  We  can't 
have our government holding us back as the rest of the world surges forward. Enacting
legislation to reform export controls on encryption should be at the top of the
list  of  issues  that  this  Committee  addresses  in  the  105th  Congress.  Thank  you  Mr. 
Chairman. 

Mr.  Hyde.  I  thank  the  gentleman. 

Are  there  any  questions  of  the  gentleman?  The  gentleman  from 
Virginia,  Mr.  Scott. 

Mr. Scott. I had a couple of questions, Mr. Chairman.

Well,  first,  did  you  have  time  to  complete  your  statement?  Did 
you  leave  anything  out  that  we  needed  to  hear? 

Mr. Goodlatte. There's quite a bit more here, and it is in your
packet  of  materials. 

Mr. Scott. I was going to say that I had 5 minutes, that you
could use my 5 minutes to complete, but I've been looking at the
chairman and I don't think I ought to do that. I yield back. [Laughter.]

Mr. Hyde. Well, the gentleman is excessively devious. [Laughter.]

Mr. Goodlatte. And excessively generous, too, I might add.

Mr.  Hyde.  Yes.  The  gentlelady  from  Texas. 

Ms.  Jackson  Lee.  Thank  you  very  much,  Congressman;  thank 
you,  as  well. 

Let me—and I know that it may have been included in your remarks
and I may have missed it—how does this balance—your legislation—how
does it strike the balance? I think I mentioned wanting
to make sure that we had a balance between the free market
and  the  need  for  privacy.  How  does  your  legislation  balance  that 
with  respect  to  those  areas? 

Mr. Goodlatte. Well, as between the free market and the concerns
of individuals regarding protecting their privacy, this legislation
is directed at both. In terms of the free market, what it is designed
to do is to allow U.S. manufacturers of software—and 75
percent of the software sold in the world is created and manufactured
in the United States; to sell that software abroad. We dominate
that market right now, but with at least 500 foreign products
available  in  the  marketplace  that  have  stronger  encryption  than 
U.S.  manufacturers  are  allowed  to  export,  we're  going  to  lose  that 
competitive  advantage.  This  bill  allows  the  raising  of  encryption 
levels  to  match  foreign  competition. 

With  regard  to  protecting  the  right  of  privacy  of  individuals  in 
the United States, what this legislation does is prohibit the Government
from establishing a key escrow system whereby everyone
in this country—and in just a very few years that's going to mean
millions of Americans—who use encryption for a wide variety of
reasons to protect their communications have to give the Government
access to their key. People ought to be able to use
encryption—whether it be with their bank or their doctor or just
among individuals who have common views and want to share
those  views  without  discussing  it  in  front  of  the  world.  Even  if  an 
individual  communicates  with  his  or  her  grandmother  he  or  she 
ought  to  be  able  to  use  encryption  without  giving  the  Government 
access.  Encryption  is  going  to  be  a  predominate  part  of  Internet 
communications. 

What  the  Government  is  proposing  is  to  require  that  everybody 
put  the  key  to  decode  those  communications  into  a  central  data 
bank, if you will, raising a great many concerns on the part of organizations
like the American Civil Liberties Union about the privacy
of  individuals,  and  this  legislation  would  prohibit  the  Government 
from  enacting  such  a  program. 

Ms.  Jackson  Lee.  Thank  you.  I  have  no  further  questions. 

Mr. Hyde. If there are no further questions, I thank the gentleman
and ask him to come up here with the rest of us.

In  the  next  panel,  we  have  two  witnesses  who  will  present  the 
administration's  position  on  the  encryption  issue.  First,  from  the 
Department of Justice we have Jamie Gorelick, the Deputy Attorney
General of the United States. Ms. Gorelick is a graduate of
Harvard  University  and  Harvard  Law  School.  Before  joining  the 
Clinton  administration,  she  was  a  partner  in  the  Washington  law 
firm  of  Miller,  Cassidy,  Larroca  &  Lewin.  In  1993  she  joined  the 
administration as the general counsel to the Department of Defense
before taking her current post in the Department of Justice.

We also have the Honorable William Crowell, the Deputy Director
of the National Security Agency. Mr. Crowell is a graduate of
Louisiana State University. Except for one short tour in private industry,
he's been with the agency since 1962. He became Deputy
Director  in  1994. 

Ms.  Gorelick  and  Mr.  Crowell  are  accompanied  by  Mr.  William 
Reinsch, the Under Secretary of Commerce for Export Administration.
Mr. Reinsch will not testify, but will be available to answer
questions  relating  to  the  export  control  issue. 

We, indeed, welcome all of you and look forward to your testimony,
and however you wish to

Ms. Lofgren. Mr. Chairman.

Mr.  Hyde.  Ms.  Gorelick. 

Ms. Lofgren. Mr. Chairman, may I just make a quick comment?

Mr.  Hyde.  Surely. 

Ms. Lofgren. I am exceedingly interested in this subject, and I
do  not  want  the  witnesses  to  think  I'm  not  interested  in  what  they 
have  to  say,  but  I  must  leave  for  a  time  because  I'm  helping  to 
manage  two  of  our  bills  on  the  floor,  and  I  just  wanted  to  say  that 
because  this  issue  is  so  important. 

Mr.  Hyde.  Very  well. 

Ms.  Gorelick. 

STATEMENT  OF  JAMIE  S.  GORELICK,  DEPUTY  ATTORNEY 
GENERAL,  DEPARTMENT  OF  JUSTICE 

Ms. Gorelick. Thank you, Mr. Chairman and members of the
committee,  for  giving  us  the  opportunity  to  discuss  our  policy  on 
encryption  and  the  pending  bill,  H.R.  3011. 

I  would  ask  that  my  full  testimony  be  made  a  part  of  the  record; 
it  was  submitted  in  writing. 


Mr.  Hyde.  Without  objection,  so  ordered.  The  normal  timespan 
allotted  is  5  minutes;  we  will  not  hold  you  to  5  minutes  because 
we  didn't  hold  Mr.  Goodlatte  to  5  minutes,  and  so,  if  you  could  be 
as  concise  as  possible  so  we  will  have  time  for  other  testimony. 

Ms. Gorelick. Absolutely, Mr. Chairman. The dialogue with the
committee  is  the  most  important  thing,  and  we  will  try  to  ensure 
that  there  is  adequate  time  for  that. 

Mr.  Hyde.  Thank  you. 

Mr.  Goodlatte,  would  you  come  up  and  assume  the  Chair? 

Ms. Gorelick. I'll summarize my testimony.

In  the  last  several  years  the  issue  of  encryption  has  been  debated 
throughout  the  United  States.  In  the  din  of  the  debate,  however, 
the  impact  of  unbreakable  encryption  on  domestic  law  enforcement 
and on national security has been understated and sometimes ignored,
and I'd like to focus on the public safety aspects of this issue
this morning. When I say public safety as opposed to law enforcement,
I think that that's an important distinction. I think that people
need to realize that this is not the interest of the FBI or even
your  local  sheriff  that  we're  talking  about  here.  This  is  the  interest 
of  the  kidnap  victim,  the  victim  of  fraud,  the  person  who  has  an 
interest  in  his  or  her  police  and  FBI  actually  being  able  to  do  their 
jobs. 

We  believe — and  let  me  just  be  very  clear  about  this — that 
encryption  is  an  important  element  of  personal  security.  When  you 
have, as we have and will have, a global information infrastructure,
you need cryptography in order to protect the privacy of communications
and in order to protect the ability of commerce to
thrive  on  that  information  superhighway.  But  there  are  also  other 
concerns:  public  safety,  national  security,  and  the  Government's 
being able to respond to terrorist threats, organized crime, and foreign
intelligence agents. Therefore, when I talk about balance, I'm
talking  about  balancing  the  interests  of  privacy  and  commerce,  on 
the  one  hand  with  the  interests  of  public  safety,  on  the  other.  And 
I  think  we  have  to  have  a  policy  and  a  program  that  honors  both, 
and  we  are  concerned  that  the  proliferation  of  unbreakable 
encryption  would  really  undermine  public  safety. 

If unbreakable encryption proliferates, we will lose a very important
law enforcement tool in the form of court-ordered wiretaps and
the  ability  to  search  computer  files.  Right  now,  as  you  know,  even 
if  we  are  able  to  satisfy  the  very  rigorous  and  very  strenuous  legal 
and  procedural  requirements  for  a  wiretap  order,  that  order  will  be 
absolutely  worthless,  absolutely  worthless,  if,  when  we  conduct  the 
wiretap, all we get is an unintelligible jumble of noises and symbols.
That is what will happen if we have the proliferation of
encryption  that  is  absolutely  unbreakable. 

Now,  some  industry  and  privacy  advocates  claim  that  strong 
encryption, like 56-bit DES, should be exportable without any restriction,
even if it leads to a massive proliferation of such products,
because we can be given the resources necessary to decrypt
DES-encrypted communications. They argue that expensive and
fast computers can be used to decipher communications by brute
force. Now what is "brute force?" Brute force means using every
possible  key  to  decipher  a  communication;  that's  what  it  means. 
And I'm here to tell you, and Bill Crowell is here to tell you, that
the  brute  force  numbers  that  you  have  been  given  that  are  the 
premise  of  this  notion  that  there  is  a  technological  solution  for  us 
are  just  not  correct.  And  Bill  will  spend  more  time  on  this,  and  I 
think  it  is  appropriate  that  we  do  so. 

But, basically, the average time needed to decrypt by brute force
a  single  message  encrypted  with  56-bit  DES  is  about  a  year  and 
87  days  using  a  $30  million  Cray  supercomputer.  Now  this  is  not 
timely  decryption.  Moreover,  we  are  not  confronted  with  just  one 
message.  In  1995,  for  example,  over  2  million  communications  were 
intercepted  as  a  result  of  court-authorized  wiretaps.  Now  that  is  a 
very  tiny — less  than  1  percent — of  all  of  the  communications  that 
there  are,  but  they  are  critically  important  to  our  ability  to  protect 
people  in  this  country. 

So what we have to do is encourage the use of encryption that
will protect privacy and commerce but preserve our ability to protect
public safety, and that is why we advocate, and why we are
working with our foreign partners toward, the establishment of a
key recovery or key management system. This system would protect
individuals who want to use encryption, but it would allow
there  to  be  some  entity  that  could  respond  to  a  legitimate  court 
order  and  provide  the  key  necessary  to  decipher  the  information 
subject  to  that  order.  We  have  to  be  able  to  do  that  in  order  to 
maintain  our  ability  to  protect  the  public  safety. 

Now  I  think — I  want  to  make  two  points  about  a  key  recovery 
system.  First  of  all,  I  think  businesses  are  recognizing  their  own 
need for some method of escrowing keys because they face the possibility
that some employee could come along and encrypt their
data  and  take  away  the  keys,  and  then  they  would  have  no  access 
to  their  own  information. 

Similarly, in the foreign commerce that will control the marketplace,
there will be a need for a common and interoperable system.
We  believe  that  there  has  to  be  a  uniform  international  standard 
that  will  promote  commerce  and  that  will  promote  and  protect  the 
security  needs  within  each  of  the  countries  who  would  participate. 
And the experts group working within the Organization for Economic
Cooperation and Development, which is meeting tomorrow
and  the  day  after  on  draft  principles  on  encryption,  acknowledges, 
I  think,  the  need  for  a  system  that  provides  for  lawful  access  to 
protect  public  safety  and  national  security.  And  I  think  that  will 
become  the  worldwide  standard  for  users  of  the  global  information 
infrastructure,  if  we  continue  our  international  leadership  in  this 
area. 

Now  I  would  like  to  spend  one  minute  addressing  the  question 
of  whether  the  genie  is  already  out  of  the  bottle.  I  don't  think  that 
it is. It is not correct to say that unbreakable encryption is ubiquitous
overseas; Deputy Director Crowell will address this argument
more fully. But let me just say that although there are strong
encryption products that can be found overseas, those products are
not ubiquitous, and that is in part because the export of strong
cryptography is controlled by both the United States and other
countries. And the products that are available are not widely used
because there is not yet the infrastructure to support the distribution
of keys and to provide interoperability among different products.


Finally,  the  quality  of  encryption  products  that  are  offered 
abroad  varies  tremendously,  and  they  do  not,  I  think,  fulfill  their 
promise of providing real security. The reason that American manufacturers
believe there is a big marketplace for encryption, even
though  you  can  take  it  off  the  Internet,  is  because  no  one  wants 
to  use  what  is  available  over  the  Internet  because  they  don't  trust 
it,  and  that  is,  in  my  view,  a  very  good  reason. 

We  need  to  pursue  this  balanced  policy.  As  I  indicated  to  you, 
Mr. Goodlatte, in our conversation of last week, I wish I could announce
today the administration's approach. I'm unable to do so,
and  therefore  am  a  little  bit  hamstrung  in  the  answers  that  I  can 
provide  to  the  questions  that  you  listed  earlier.  But  I  do  believe 
this  dialog  is  very  important.  Please  know  that  we  have  not  waited 
until  the  end  of  your  session.  First  of  all,  we  haven't  known  when 
the  end  of  your  session  would  be. 

But,  second  of  all,  this  is  an  issue  that  is  very  difficult,  as  you 
know, and we promised to come back here in September. And I believe
that we will be able to come back to you again with more information
on the administration approach, and if you are not here
personally,  we  will  reach  out  to  you,  wherever  you  may  be.  Thank 
you. 

[The  prepared  statement  of  Ms.  Gorelick  follows:] 

Prepared  Statement  of  Jamie  S.  Gorelick,  Deputy  Attorney  General, 
Department  of  Justice 

Thank  you,  Mr.  Chairman  and  members  of  the  Committee,  for  providing  me  with 
this opportunity to discuss with you the Administration's policy on the important
and complex issue of encryption and our position on H.R. 3011. Although the Department
of Justice opposes H.R. 3011, we look forward to continuing the productive
discussions  we  have  had  with  Congress  on  this  issue. 

Since 1992, when AT&T announced its plan to sell a small, portable telephone device
that would provide users with low-cost but robust voice encryption, the issue
of encryption—that is, the use of mathematical algorithms to protect the confidentiality
of data—has been vociferously debated in the United States. Some people—
legitimately concerned about privacy, commerce, and computer security—have advocated
the unfettered proliferation of strong encryption products, and disapprove of
the  Administration's  attempt  to  promote  cryptographic  methods  that  allow  for  law 
enforcement  access  to  plain  text.  They  have  argued  that  government  should  simply 
stay  out  of  the  encryption  issue  entirely.  Government  controls  on  the  export  of 
strong  cryptography  have  come  in  for  particular  criticism.  In  the  din  of  the  debate 
and  in  some  legislative  proposals,  however,  the  significant  impact  that  unbreakable 
encryption  would  have  on  domestic  law  enforcement  and  national  security  has  often 
been  ignored  or  understated. 

First,  let  me  make  clear  that  we  believe  that  the  availability  and  use  of  strong 
cryptography are critical if the "Global Information Infrastructure" (GII) is to fulfill
its promise. Communications and data must be protected—both in transit and in
storage—if the GII is to be used for personal communications, financial transactions,
medical care, the development of new intellectual property, and myriad other applications.
Indeed, people sometimes lose sight of the fact that law enforcement is responsible,
in part, for protecting privacy and promoting commerce over our nation's
communications networks. We protect communications privacy, for instance, by
prosecuting  those  who  would  violate  the  communications  privacy  of  others,  and  we 
help  promote  commerce  by  enforcing  laws  that  protect  intellectual  property  rights, 
by  combating  computer  and  communications  fraud,  and  by  helping  to  protect  the 
confidentiality of business data. Our support for robust encryption stems from this
commitment  to  protecting  privacy  and  commerce. 

At the same time, however, we must be mindful of our other principal responsibilities:
protecting public safety and national security against the threats posed by terrorists,
organized crime, foreign intelligence agents, and others, and to prosecute serious
crime when it does occur. Thus, notwithstanding the significant benefits of
encryption, we are gravely concerned that the proliferation and use of unbreakable
encryption would seriously undermine our ability to perform these critical missions.


Court-authorized wiretaps have proven to be one of the most successful law enforcement
tools in preventing and prosecuting serious crimes, including terrorism.
In  addition,  as  society  becomes  more  dependent  on  computers,  evidence  (and  the 
fruits)  of  crimes  are  increasingly  found  in  stored  computer  data,  which  can  be 
searched  and  seized  pursuant  to  court-authorized  warrants.  But  if  unbreakable 
encryption  proliferates,  these  critical  law  enforcement  tools  would  be  nullified.  Thus, 
for example, even if the government satisfies the rigorous legal and procedural requirements
for obtaining a wiretap order (which can be obtained only in limited circumstances),
the wiretap would essentially be worthless if the intercepted communications
of the targeted criminals amount to an unintelligible jumble of noises or
symbols. The potential harm to law enforcement—and to the nation's domestic security—could
be devastating.

Our concern is neither theoretical nor overstated. We have already begun to encounter
the harmful effects of encryption in recent investigations.

In  the  Aldrich  Ames  spy  case,  Ames  was  instructed  by  his  Soviet  handlers 
to  encrypt  computer  file  information  to  be  passed  to  them. 

Ramzi Yousef, recently convicted of conspiring to blow up 10 U.S. owned airliners
in the Far East, and his co-conspirators apparently stored information
about  their  terrorist  plot  in  an  encrypted  computer  file  in  Manila.  (Yousef  is 
also  one  of  the  alleged  masterminds  of  the  World  Trade  Center  bombing.) 

In a child pornography case, one of the subjects used encryption in transmitting
obscene and pornographic images of children over the Internet.

In a major international drug-trafficking case, the subject of a court-ordered
wiretap used a telephone encryption device, significantly hindering the surveillance.

Some  of  the  anti-government  militia  groups  are  now  promoting  the  use  of 
encryption  as  a  means  of  thwarting  law  enforcement  investigations. 

In  several  major  hacker  cases,  the  subjects  have  encrypted  computer  files, 
thereby concealing evidence of serious crimes.

These are just a few examples of recent cases involving encryption. As encryption
proliferates  and  becomes  an  ordinary  component  of  mass  market  items,  and  as  the 
strength  of  encryption  products  increases  to  the  point  of  denying  law  enforcement 
access  to  intercepted  communications  or  stored  electronic  evidence,  the  threat  to 
public  safety  will  increase  exponentially. 

Some  people  argue  that  individuals  should  have  a  right  to  absolute  privacy  from 
governmental  intrusion,  regardless  of  the  costs  to  public  order  and  safety,  and  that 
any  new  technology  that  enhances  absolute  privacy  should  go  unrestricted.  But  our 
society  has  never  recognized  an  absolute  right  to  privacy.  Rather,  the  Fourth 
Amendment  strikes  a  careful  balance,  permitting  government  invasion  of  privacy 
(including  searches  of  someone's  personal  communications  and  papers)  to  prevent, 
solve,  and  prosecute  crimes,  but  only  when  the  government  demonstrates  "probable 
cause" and, absent exigent circumstances, obtains a warrant from a neutral and detached
magistrate. Unbreakable encryption would upset this delicate constitutional
balance,  which  is  one  of  the  bedrock  principles  of  our  legal  system,  by  effectively 
nullifying  a  court's  issuance  of  a  search  warrant  or  wiretap  order.  The  notion  that 
advances  in  technology  should  dictate  public  policy  is  backwards.  Technology  should 
serve  society,  not  rule  it;  technology  should  promote  public  safety,  not  defeat  it. 

Similarly,  some  industry  and  privacy  advocates  claim  that  strong  encryption  such 
as  56-bit  DES  should  be  exportable  without  restriction  because,  even  if  this  leads 
to a massive proliferation of DES products both at home and abroad, U.S. law enforcement
and intelligence agencies can be given the resources necessary to decrypt
DES-encrypted communications. Essentially, they argue that expensive, fast computers
can be used to decipher encrypted communications by "brute force"—which
essentially means trying every possible "key" (a sequence of symbols that determines
the transformation from plain text to cipher-text, and vice versa) until the
right one is found. For several reasons, this argument—that "brute force attacks"
and  additional  resources  will  resolve  the  encryption  debate — does  not  withstand 
scrutiny. 

First,  estimates  regarding  the  amount  of  time  needed  to  decrypt  an  encrypted 
message by brute force are purely theoretical and do not consider the realities associated
with brute force attacks. For example, such attacks assume that the nature
of the underlying plain text is known in advance (e.g., one knows from the outset
that  the  text  consists  of  words  in  English).  In  fact,  the  "plain  text"  may  be  a  foreign 
language,  a  graphic  display,  or  some  other  form  of  data  completely  unknown  to  the 
person  trying  to  decipher  it. 

Moreover,  according  to  the  National  Security  Agency's  own  estimates,  the  average 
time  needed  to  decrypt  a  single  message  by  means  of  a  brute  force  cryptoanalytic 
attack on 56-bit DES would be approximately one year and eighty-seven days using
a  thirty-million-dollar  Cray  supercomputer.  Of  course,  law  enforcement  would  not 
be  confronted  with  only  one  message  to  decrypt.  During  1995,  for  example,  federal 
and state courts authorized more than a thousand electronic surveillance court orders,
resulting in over two million intercepted communications. Given such numbers,
brute force attacks are not a feasible solution.

Additionally,  law  enforcement  agencies  at  the  federal,  state,  and  local  level  are 
finding that searches in routine, non-wiretap cases now commonly result in the seizure
of electronically stored information. Because storage devices have increased in
capacity and decreased in price, the quantity of data seized in "ordinary" cases continues
to increase dramatically. If all of these communications and stored files were
DES-encrypted, brute force attacks would not provide a meaningful and timely solution,
especially since some cases, such as kidnappings, may require immediate
decryption to prevent death or serious bodily harm. Thus, even if hundreds of such
supercomputers were built (an expensive undertaking, to say the least), the approximately
17,000 federal, state, and local law enforcement agencies could not be given
timely  access  to  necessary  decryption  services. 

Finally,  many  proponents  of  strong  encryption  advocate  its  proliferation  precisely 
because it cannot be decrypted by the government. Thus, even if the government
could acquire the ability to quickly decrypt DES-encrypted communications and information,
many of the brute force advocates would push for even greater key
lengths, on the ground that 56-bit DES no longer provided acceptable security. But
greater key lengths would, of course, increase the difficulty and cost of decrypting
encrypted  data  even  more. 

Our goal, then, must be to encourage the use of strong encryption to protect
privacy and commerce, but in a way that preserves law enforcement's ability to protect
public  safety  and  national  security  against  terrorism  and  other  criminal  threats.  A 
consensus  is  now  emerging  throughout  much  of  the  world  that  the  way  to  achieve 
this  balance  is  through  the  use  of  a  "key  recovery"  or  "trusted  third  party"  system. 
Under  this  system,  a  key  for  a  given  encryption  product  would  be  deposited  with 
a  trusted  third  party  or  "escrow"  agent,  which  could  be  a  private  party  or  a  govern- 
mental entity.  (Some  entities,  such  as  large  corporations,  might  be  able  to  hold  their 
own  keys,  provided  that  certain  procedural  protections  were  established  to  preserve 
the  integrity  of  a  law  enforcement  investigation.)  The  government  would  then  be 
able,  upon  presenting  a  certification  from  the  relevant  law  enforcement  official,  to 
obtain  the  keys  from  the  escrow  agent  in  order  to  decrypt  information  obtained  pur- 
suant to  legal  authorization. 

Again,  it  is  critical  to  keep  in  mind  that,  under  a  key  recovery  system,  the  govern- 
ment would  not  be  able  to  access  arbitrarily  the  encrypted  communications  of  the 
average law-abiding citizen or business, because access to encrypted data could be
obtained  only  as  part  of  a  legally  authorized  investigation.  The  same  constitutional 
and  statutory  protections  that  preserve  every  American's  privacy  interests  today 
would  prevent  unauthorized  intrusions  in  a  key  recovery  regime.  Thus,  under  a  key 
recovery  system,  there  would  be  no  increase  in  the  government's  authority  to  search 
or surveil private communications. At the same time, though, individuals and
companies would gain the benefit of strong cryptography to protect against
non-governmental intrusions into their privacy.

Beyond  the  interest  in  effective  law  enforcement,  many  businesses  are  beginning 
to  recognize  their  own  need  for  some  method  of  escrowing  keys.  A  private  company, 
for  example,  might  find  that  one  of  its  employees  had  improperly  taken  and 
encrypted  confidential  information  in  the  company's  files  and  then  absconded  with 
the  company's  only  copy  of  the  keys.  In  such  a  situation,  the  company's  only  means 
of  retrieving  the  information  might  be  to  obtain  the  keys  from  the  escrow  agent. 
And  recent  hacker  cases,  such  as  the  one  involving  an  intrusion  into  Citibank's  com- 
puters by  hackers  in  St.  Petersburg,  Russia,  have  further  demonstrated  to  many 
businesses  the  general  need  for  a  cop  on  the  "information  superhighway."  A  key  re- 
covery system  would  provide  businesses  with  the  encryption  they  need  to  protect 
their own communications and stored data while preserving law enforcement's
ability to track down and prosecute criminals who use encryption in an effort to conceal
evidence  of  their  illegal  activities. 

Key  recovery  thus  holds  great  promise  for  providing  the  security  and  confidential- 
ity businesses  and  individuals  want  and  need,  while  preserving  the  government's 
ability  to  protect  public  safety  and  national  security.  Because  there  are  no  restric- 
tions on  the  use  of  encryption  domestically,  however,  there  is  presently  no  way  to 
require  the  manufacture  and  use  of  key  recovery  products.  The  Administration 
therefore has been pursuing a policy to promote the voluntary manufacture and use
of  key  recovery  products,  and  the  development  of  a  key  management  infrastructure 
("KMI"),  in  the  hope  that  market  forces  will  make  such  products  a  de  facto  industry 
standard. 



We  also  have  been  engaged  in  ongoing  discussions  on  this  subject  with  foreign 
governments,  which  are  now  anxious  to  join  us  in  developing  international  stand- 
ards to  address  this  issue  on  a  global  scale.  In  fact,  an  experts  working  group  of 
the  Organization  for  Economic  Cooperation  and  Development  (OECD)  is  meeting  on 
September  26  and  27  to  consider  draft  principles  that  would  acknowledge  the  need 
for  encryption  products  and  services  that  allow  for  lawful  government  access  to  pro- 
tect public  safety  and  national  security.  We  believe  that  key  recovery  encryption  will 
become the worldwide standard for users of the GII if we continue our international
leadership  in  this  area. 

If  key  recovery  encryption  does  become  the  worldwide  standard,  U.S.  businesses 
will  be  able  to  compete  abroad  effectively,  retaining  and  even  expanding  their  mar- 
ket share.  At  the  same  time,  law  enforcement  agencies  will  have  a  legally  author- 
ized means  of  decrypting  encoded  data.  This  approach  would  therefore  effectively 
serve the interests of all Americans.

The  argument  is  sometimes  made  that  key  recovery  encryption  is  not  the  solution, 
because  criminals  will  simply  use  non-key  recovery  encryption  to  communicate 
among  themselves  and  to  hide  evidence  of  their  crimes.  But  we  believe  that  if  strong 
key  recovery  encryption  products  that  will  not  interoperate — at  least  in  the  long 
term — with  non-key  recovery  products  are  made  available  both  overseas  and  domes- 
tically and  become  part  of  a  global  KMI,  such  products  will  become  the  worldwide 
standard.  Under  those  circumstances,  even  criminals  will  be  compelled  to  use  key 
recovery  products,  because  even  criminals  need  to  communicate  with  legitimate  or- 
ganizations such  as  banks,  both  nationally  and  internationally. 

Let me turn now to H.R. 3011. We believe that the central provision of the bill,
Section 3 — which would effectively eliminate all export controls on strong
encryption — would undermine public safety and national security by encouraging
the proliferation of unbreakable encryption. We therefore strongly oppose the bill.

We  have  heard,  of  course,  the  oft-repeated  argument  that  the  "genie  is  already 
out  of  the  bottle" — that  strong  cryptography  is  already  widely  available  overseas  and 
over  the  Internet  and  that  attempts  to  limit  its  spread  are  futile,  and  serve  only 
to  handicap  U.S.  manufacturers  seeking  to  sell  their  encryption  products  overseas. 
We  disagree.  Deputy  Director  Crowell  will  address  this  argument  more  fully  in  his 
testimony,  but  let  me  just  mention  four  points  briefly. 

First,  although  strong  encryption  products  can  be  found  overseas,  these  products 
are  not  ubiquitous,  in  part  because  the  export  of  strong  cryptography  is  controlled 
by  both  the  U.S.  and  other  countries.  It  is  worth  noting  in  this  regard  that  export 
of  encryption  over  the  Internet,  like  any  other  means  of  export,  is  restricted  under 
U.S.  law.  Although  it  is  difficult  completely  to  prevent  encryption  products  from 
being  sent  abroad  over  the  Internet,  we  believe  that  the  legal  restrictions  have  sig- 
nificantly limited  the  use  of  the  Internet  as  a  means  of  evading  export  controls. 

Second,  the  products  that  are  available  overseas  are  not  widely  used  because 
there  is  not  yet  an  infrastructure  to  support  the  distribution  of  keys  among  users 
and  to  provide  interoperability  among  the  different  products.  Third,  the  quality  of 
encryption  products  offered  abroad  varies  greatly,  with  some  encryption  products 
not  providing  the  level  of  protection  advertised.  Finally,  the  availability  of 
encryption over the Internet does not undermine the utility of controls on exports
of  software  or  hardware  products.  The  simple  fact  is  that  the  vast  majority  of  busi- 
nesses and  individuals  with  a  serious  need  for  strong  encryption  do  not  and  will  not 
rely  on  encryption  downloaded  from  the  Internet.  For  these  reasons,  export  controls 
therefore  continue  to  serve  an  important  function. 

A  few  other  factors  are  important  to  consider  regarding  export  controls.  First,  our 
allies  strongly  concur  that  unrestricted  export  of  encryption  would  severely  hamper 
law  enforcement  objectives.  Indeed,  when  the  U.S.  let  it  be  known  at  a  December 
1995  meeting  of  the  OECD  that  it  was  considering  allowing  the  export  of  some 
stronger, non-escrowed encryption, many of our allies expressed dismay at the
prospect of such an action. They feared that it would flood the global market with
unbreakable cryptography, increasing its use by criminal organizations and terrorists
throughout  Europe  and  the  world.  It  follows  that  the  elimination  of  U.S.  export  con- 
trols, as  provided  by  H.R.  3011,  would  have  an  even  more  devastating  impact  on 
international  law  enforcement.  It  would  be  a  terrible  irony  if  this  government — 
which  prides  itself  on  its  leadership  in  fighting  international  crime — were  to  enact 
a  law  that  would  jeopardize  public  safety  and  weaken  law  enforcement  agencies 
worldwide. 

Second,  critics  of  export  controls  have  mistakenly  assumed  that  the  lifting  of  ex- 
port controls  would  result  in  unrestricted  access  to  markets  abroad  by  U.S.  compa- 
nies. But  this  assumption  ignores  the  likely  reaction  of  foreign  governments  to  the 
elimination  of  U.S.  export  controls.  To  date,  most  other  countries  have  not  needed 
to restrict imports or domestic use of encryption, largely because export controls in
the U.S. — the world leader in computer technology — and other countries have made
such  restrictions  unnecessary.  But  given  other  countries'  legitimate  concerns  about 
the  potential  worldwide  proliferation  of  unbreakable  cryptography,  we  believe  that 
many  of  those  countries  would  respond  to  any  lifting  of  U.S.  export  controls  by  im- 
posing import  controls,  or  by  restricting  use  of  strong  encryption  by  their  citizens. 
France,  Russia  and  Israel,  for  example,  have  already  established  domestic  restric- 
tions on  the  import,  manufacture,  sale  and  use  of  encryption  products.  And  the  Eu- 
ropean Union  is  moving  towards  the  adoption  of  a  key-recovery-based  key  manage- 
ment infrastructure  similar  to  that  proposed  by  the  Administration.  In  the  long  run, 
then,  U.S.  companies  might  not  be  any  better  off  if  U.S.  export  controls  were  lifted, 
but we would have undermined our leadership role in fighting international crime
and damaged our own national security interests in the meantime.

Third,  it  is  important  to  keep  in  mind  that  the  State  Department  has  shown  con- 
siderable flexibility  in  administering  export  controls.  For  instance,  it  has  permitted 
U.S.  banks  and  other  entities  to  export  strong  encryption  products  for  their  own  use 
abroad, and has permitted the export of strong encryption as long as such
encryption  allows  for  legitimate  government  access. 

Finally, as Vice President Gore announced in July, the Administration is
considering various measures to liberalize export controls for certain commercial encryption
products, in order to promote the competitiveness of U.S. manufacturers during the
transition to a global KMI. In addition, the Administration is considering
transferring jurisdiction over commercial encryption products from the Department of State
to the Department of Commerce, a step which also would ease the burden on
industry by providing for faster and more transparent decisions on applications for export
licenses.  We  expect  that  a  final  decision  will  be  made  on  these  steps  shortly. 

In light of these factors, we believe it would be profoundly unwise simply to lift
export  controls  on  encryption.  National  Security  should  not  be  sacrificed  for  the  sake 
of  uncertain  commercial  benefits,  especially  when  there  is  the  possibility  of  satisfy- 
ing both  security  and  commercial  needs  simultaneously  through  global  adoption  of 
a key recovery system. There is only one responsible course of action that we as
government leaders should embark upon: to promote socially-responsible encryption
products, which contain robust cryptography but that also provide for timely law
enforcement access and decryption. This is the Administration's policy, and we look
forward  to  working  with  this  Committee  as  we  continue  to  develop  and  implement 
our  approach. 

I  would  now  be  pleased  to  answer  any  questions  you  may  have. 

Mr.  GOODLATTE  [presiding].  Thank  you,  Ms.  Gorelick. 
Mr.  Crowell,  welcome. 

STATEMENT  OF  WILLIAM  P.  CROWELL,  DEPUTY  DIRECTOR, 
NATIONAL  SECURITY  AGENCY 

Mr.  Crowell.  Thank  you  very  much,  Mr.  Chairman,  and  mem- 
bers of  the  committee. 

I  appreciate  the  opportunity  to  appear  before  you  today  and  offer 
some  thoughts  about  the  technical  implications  of  the  administra- 
tion's policy  on  encryption.  I  have  submitted  a  formal  statement  for 
the  record  and  offer  it  for  the  record.  I  will  give  some  oral  com- 
ments that  are  derived  from  my  formal  statement. 

Information  systems  is  a  core  mission  of  the  National  Security 
Agency.  We've  been  in  the  business  of  developing  encryption  tools 
and  protecting  information  systems  for  about  40  years.  For  that 
reason,  NSA  has  been  a  technical  advisor  in  the  formulation  of  the 
administration's policy on encryption.

Like  Mr.  Goodlatte,  we  at  the  NSA  believe  the  use  of  encryption 
should  be  promoted,  not  discouraged.  Encryption  has  the  potential 
to protect private citizens and businesses from frivolous and criminal
access to private and valuable information and to enable individuals
to use technology that will make their lives more convenient
and productive, and to deny unauthorized access to vital U.S.
information,  wherever  it  may  be  in  the  world.  We  at  NSA  also 
share the concern of Congress for assuring the economic competitiveness
of U.S. industry in the rapidly-evolving world of international
electronic commerce, and we recognize that the export of
robust  commercial  cryptography  plays  a  fundamental  role  in 
achieving  this. 

At  the  same  time,  it  is  clear  that  any  actions  taken  to  achieve 
such  competitiveness  must  be  based  upon  recognition  of  the  legiti- 
mate interests  not  only  of  industry  and  privacy  advocates,  but  also 
of  public  safety.  The  administration  believes  that  a  robust,  full-fea- 
tured key  management  infrastructure  can  be  the  common  ground 
for  balancing  these  interests  and  providing  an  internationally-ac- 
ceptable framework  that  will  underlie  all  electronic  commerce. 

A  trustworthy  key  management  infrastructure  will  facilitate  the 
use  of  encryption  by  enabling  it  to  be  used  to  its  full  potential.  It 
can  also  help  ensure  that  products  with  encryption  are  interoper- 
able and  can  be  used  by  large  numbers  of  people  with  confidence. 
Users,  both  corporate  and  individuals,  must  be  able  to  trust  that 
their  valuable  information  will  be  protected  across  the  innumerable 
and  diverse  networks  that  make  up  the  emerging  global  informa- 
tion infrastructure.  They  must  have  this  international  framework 
that  they  can  understand  and  that  they  will  want  to  use  to  facili- 
tate their  business  and  daily  activities. 

The  key  management  infrastructure  that  I  refer  to  will  include 
functions  such  as  distributing  public  key  certificates  that  help 
vouch  for  your  identity,  storing  information  in  directories  that 
allow  others  to  know  how  to  communicate  with  you,  and  canceling 
certificates  when  you  have  reason  to  believe  that  yours  has  been 
compromised  and  might  be  used  by  others  for  nefarious  reasons. 
The  system  integrity  fostered  by  such  an  infrastructure  will  allow 
us  to  have  the  same  confidence  in  electronic  commerce  that  we  now 
have  on  signatures  on  paper  contracts  or  in  handshakes  with  busi- 
ness partners.  That  integrity  is  needed  to  achieve  our  vision  of 
global  commerce  with  secure  interoperability. 

Users  will  also  likely  expect  a  data-recovery  feature  when  using 
encryption.  Key  recovery  supports  this  by  allowing  an  encryption 
key  to  be  recovered  when  that  key  is  needed  by  the  user  or  by  oth- 
ers who  have  been  authorized  to  use  it. 

I  would  like  to  say  at  this  point,  Mr.  Chairman,  that  your  ref- 
erence earlier  to  the  administration's  policy  of  depositing  all  keys 
in  a  central  data  base  is,  in  fact,  not  a  feature  of  the  administra- 
tion's policy.  Encryption  users,  for  example,  will  find  it  necessary 
to  ask  their  system  administrator  for  emergency  assistance  to  ac- 
cess an  important  encrypted  document  or  message  if  the  encryption 
key  is  corrupted  or  lost.  If  any  of  you  have  ever  forgotten  a  com- 
puter password  or  a  bank  card  PIN  number,  you  know  exactly 
what  I  mean.  A  key  management  infrastructure  with  key  recovery 
addresses  this  need  by  assuring  that  users  of  encryption  are  not 
locked  out  of  their  encrypted  data  files  when  the  encryption  key  is 
lost,  damaged,  or  otherwise  unavailable. 

The  key  recovery  feature  is  also  of  great  interest  to  United  States 
and  foreign  governments,  since  encryption  may  be  used  by  crimi- 
nals and  other  adversaries  to  help  hide  their  activities.  That  could 
place  the  public  safety  of  U.S.  citizens  and  citizens  of  other  coun- 
tries in  jeopardy.  Key  recovery  will  provide  a  means  of  access  to 
encrypted communications for legitimate law enforcement purposes
without undermining the integrity and strength of the encryption
process. Without such access, you can only imagine the public response
when a jury is unable to review evidence of criminal wrongdoing
because a drug kingpin has encrypted his records or communications,
or it becomes known that an otherwise detectable communication
regarding a planned terrorist attack was hidden from
law  enforcement  officials  because  of  inadequate  Government 
encryption  policies. 

Foreign  governments  share  these  concerns.  The  EU  has  launched 
a  study  to  determine  what  kind  of  infrastructure  they  will  build, 
and  the  U.K.  recently  announced  an  approach  to  a  trusted  third- 
party  key  recovery  infrastructure.  Canada  has  established  a  key 
management  infrastructure  for  government  use,  and  is  considering 
extending  it  for  public  use. 

The  emergence  of  a  key  management  infrastructure  is  necessary 
and  inevitable.  The  administration  wants  to  help  that  infrastruc- 
ture grow  and  to  encourage  the  acceptance  of  key  recovery.  But  it 
also wants to help ensure early-on that such growth is not haphazard
and does not place infrastructure users and public safety at
risk. While governments can assist in significant ways, only industry
can build a robust and scalable key management infrastructure.
A  truly  global  solution  can  only  occur  through  industry-government 
collaboration. 

Senator  Burns,  in  the  Senate  Commerce  Committee  hearing  in 
July,  said  to  me  that  when  you  get  to  the  fork  in  the  road,  take 
it.  I  would  submit  that  we  do  more  than  just  take  it.  The  issue  is, 
Are  we  going  to  take  the  road  that  leads  to  an  electronic  Tower  of 
Babel,  devoid  of  standards  and  true  security,  or  are  we  going  to 
take  the  one  that  allows  the  American  people  to  trust  in  the 
Internet  and  use  it  for  electronic  commerce? 

I'm  also  concerned  that  we  are  not  misdirected  or  distracted  by 
some  of  the  myths  swirling  around  the  public  encryption  debate. 
The  most  prominent  of  these  myths  concerns  product  availability, 
bit  lengths,  and  brute  force  attack  cryptography.  I  would  like  to 
take  just  a  moment  to  try  and  set  the  record  straight  on  some  of 
these  issues.  Regarding  availability  of  encryption  products  around 
the  world,  some  have  claimed  that  the  genie  is  out  of  the  bottle. 
Let  me  point  out  that  most  measurements  of  product  availability 
are  inadequate,  since  they  do  not  show  how  many  people  are  actu- 
ally using  encryption  and,  for  that  matter,  trusting  the  use  when 
they  do  use  it.  In  that  sense  the  data  could  be  interpreted  to  con- 
clude either  that  the  genie  is  out  of  the  bottle  or  that  the  bottle 
is  tightly  plugged. 

It  is  true  that  products  with  encryption  algorithms  are  widely 
available.  In  fact,  they're  available  in  tens  of  millions;  however,  the 
encryption  algorithms  in  most  of  these  products  that  are  available 
cannot — I repeat, cannot — be used to their full potential by millions
of  people  because  the  products  are  not  interoperable  and  because 
the  key  certificate  management  system,  if  any,  often  lacks  robust 
integrity,  and  they  cannot  be  scaled  to  support  large  communities. 
Today,  if  these  algorithms  are  used  at  all,  they  are  used  very  nar- 
rowly. 

Another  myth  of  the  encryption  debate  is  that  law  enforcement 
and intelligence agencies can build special-purpose, high-performance
computers to enable them to read encrypted communications.
These  computers  would  break  encryption  systems  via  brute  force 
attacks;  that  is,  they  would  test  almost  every  possible  key  in  an  at- 
tempt to  discover  the  decryption  key.  Let  me  make  this  point:  it  is 
very  important  that  we  not  establish  a  policy  for  the  United  States 
that  is  based  on  some  estimate  of  our  ability  to  do  calculations  or 
to  do  brute  force  cryptography. 

And  let  me  try  and  illustrate  that  point  with  a  couple  of  figures. 
There  are  products  available  today  in  the  domestic  market  that 
contain  128-bit  cryptography.  Using  the  theoretical  computers  that 
have  been  proposed,  it  would  take  16  million  times  the  estimated 
age  of  the  universe  to  break  one  of  those  messages  by  brute  force. 
It  is,  therefore,  important  that  we  take  a  look  at  the  broader  issues 
rather  than  brute  force  cryptography  in  trying  to  set  this  policy. 
And  that  is  why  key  management  is  the  focus  of  the  administra- 
tion's approach,  because  it  is  the  place  where  we  can  have  some 
agreement  on  obtaining  key  recovery  and  serving  public  safety  in- 
terests. 

Clearly,  brute  force  attacks  cannot  be  the  basis  for  a  long-term 
encryption  policy.  I  encourage  you  to  put  these  debates  of  product 
availability  and  brute  force  attacks  behind  us.  I  believe  they  are 
counterproductive.

In  closing,  let  me  say  that  the  administration  is  basing  its  poli- 
cies on  the  foundation  that  the  need  for  robust  commercial 
encryption  will  grow,  and  that  protection  of  information  is  an  im- 
portant national  interest.  These  policies  will  have  a  significant  im- 
pact on  NSA's  foreign  intelligence  mission,  but  I  believe  they  are 
a  reasonable  response  to  a  complex,  interdependent  set  of  issues, 
and  I  hope  that  the  administration  can  continue  to  work  together 
with  Congress  and  with  industry  to  resolve  the  disagreements  and 
solve  the  problems. 

Thank  you  very  much,  Mr.  Chairman,  for  the  opportunity. 

[The  prepared  statement  of  Mr.  Crowell  follows:] 

Prepared Statement of William P. Crowell, Deputy Director, National
Security Agency

INTRODUCTION

I  appreciate  the  opportunity  to  comment  on  Congressman  Goodlatte's  pending  leg- 
islation and  to  discuss  with  you  NSA's  involvement  with  the  development  of  the  Ad- 
ministration's encryption  policy.  Since  NSA  has  both  an  information  security  and  a 
foreign  signals  intelligence  mission,  encryption  touches  us  directly. 

NSA's  role  in  support  of  the  Administration's  initiative  has  been  that  of  a  tech- 
nical advisor.  I  believe  it  is  important  for  the  nation's  encryption  policy  makers  to 
base  their  decisions  on  the  best  possible  information,  and  I  would  like  to  help  clarify 
several  issues  for  the  record. 

ENCRYPTION  IS  A  SIGNIFICANT  POTENTIAL  BENEFIT  TO  AMERICA 

The  use  of  encryption  to  protect  U.S.  information  should  be  promoted,  not  discour- 
aged. Encryption  usage  has  the  potential  to  enable  citizens  to  use  technology  that 
will  make  their  lives  more  convenient,  enhance  the  economic  competitiveness  of  U.S. 
industry,  combat  frivolous  and  criminal  access  to  private  and  valuable  information, 
and  deny  spies  from  gaining  access  to  U.S.  information  wherever  it  may  be  in  the 
world. That's the good news. The bad news is that the encryption in most
commercial products today has very little chance of being used to its full potential until a
support  infrastructure  is  established  that  enables  the  encryption  to  be  used  widely 
and with integrity. Furthermore, if encryption is used by criminals and other
adversaries (e.g., terrorists) to help hide their activities, the public safety of U.S. citizens,
and citizens of other countries, may be placed in jeopardy. This is a problem
regardless of whether a support infrastructure exists or not.

The  U.S.  must  address  these  challenges.  Instead,  we  seemed  mired  in  an 
unfocused  debate  about  bit  lengths,  brute  force  attacks,  and  product  "availability" 
that  often  takes  place  in  press  releases,  newspaper  editorials,  and  Internet 
Newsgroups.  We  all  need  to  focus-in  on  what  will  enable  encryption  to  be  used  to 
its  potential.  The  way  to  do  this  is  to  mutually  acknowledge  the  interests,  roles,  and 
responsibilities  that  industry  and  governments  have  in  this  issue.  Specifically,  the 
two  challenges  that  we  must  address  collaboratively  are: 

The  establishment  of  a  trustworthy  key  management  infrastructure  (KMI) 
that facilitates encryption that is interoperable, scalable, and enables the
encryption  to  be  used  to  its  full  potential. 

The  ability  to  recover  an  encryption  key  when  that  key  is  needed  by  the  user 
or  others  who  are  authorized  to  have  it. 

AN  INFRASTRUCTURE  IS  NEEDED  TO  SUPPORT  THE  WIDESPREAD  USE  OF  ENCRYPTION 

The  KMI  is  the  keystone  of  the  Administration  encryption  policy  reform  proposal 
since encryption has little chance of becoming widely used, here or overseas, until
there is such an international framework in place. When I use the term "key
management infrastructure" I am referring to the policies, products, and services that,
in  total,  provide  a  support  infrastructure  for  end-user  products  that  contain 
encryption.  A  KMI  includes  functions  such  as  distributing  encryption  certificates 
that  can  help  vouch  for  your  identity,  storing  information  that  allows  others  to  know 
how  to  communicate  with  you,  assisting  you  when  you  have  reasons  to  believe  that 
your  encryption  certificate  has  been  compromised,  and  other  objectives.  The  goal  of 
such  a  support  infrastructure  or  "KMI"  is  to  facilitate  widespread  use  of  encryption 
and allow the encryption to be used with confidence. The system integrity fostered
by such an infrastructure will allow us to have the same confidence in electronic
commerce that we now have in signatures on paper contracts or in handshakes with
business partners, and is needed to achieve our vision of global commerce with
secure interoperability.

A  national  framework  does  not  exist  today,  other  than  in  the  KMI  used  by  the 
Defense  Department  and  other  specialized  areas.  The  Administration's  rec- 
ommended KMI-focused  approach  intends  to  help  fill  that  void  by  helping  the  U.S. 
KMI  grow,  addressing  the  nation's  public  safety  interests,  and  helping  open  doors 
for U.S. encryption overseas.

Helping  the  KMI  Grow — First,  the  Administration  wants  to  help  ensure  that 
the  U.S.  KMI  allows  encryption  to  be  used  securely,  widely,  and  with  con- 
fidence. We  recognize  that  the  emergence  of  a  commercial  KMI  is  inevitable  but 
are  concerned  that  infrastructure  users  and  public  safety  will  be  placed  at  risk 
if  it  grows  in  the  wrong  direction,  thereby  harming  the  public's  interests. 

Information  protection — To  ensure  adequate  protection  of  sensitive  infor- 
mation, the  KMI  needs  to  be  built  and  operated  securely.  Furthermore,  a 
scalable  infrastructure  is  needed  to  support  large  numbers  of  encryption 
users,  and  it  must  facilitate  interoperability. 

Data recovery — Users will need the capability to regain access to their
encrypted data when encryption keys are lost, corrupted, or destroyed. The
KMI  must  therefore  support  key  recovery.  While  key  recovery  may  not  yet 
be  widely  recognized  as  a  user  requirement,  analogies  to  key  recovery  are 
common  in  the  workplace.  Today,  computer  system  administrators  help 
users  recover  their  forgotten  passwords.  Similarly,  most  offices  securely 
maintain  spare  door  and  desk  keys  for  emergency  use. 

Privacy — Regulations  must  be  established  to  ensure  that  access  to  keys 
is  not  misused  to  violate  individual  privacy. 

Addressing the Nation's Public Safety Interests and Helping to Open Doors for
U.S.  Encryption  Products  Overseas — Second,  the  Administration  wants  to  en- 
sure that  the  KMI  supports  our  government's  responsibility  to  protect  the  na- 
tion's public  safety,  and  provide  a  level  playing  field  on  which  U.S.  products  can 
compete  overseas. 

Public Safety Protection — While users should have the ability to choose
responsible agents to generate and store their keys, government's public
safety responsibilities will require law enforcement, with proper
authorization, to be able to gain access to keys. Without key recovery, law
enforcement agencies will be unable to decrypt encrypted criminal files and
communications. The Administration proposes to use the KMI's data recovery
feature  to  support  authorized  law  enforcement  investigations,  rather  than 
creating  a  separate  infrastructure  that  solely  supports  those  investigations. 

Export  Control  Reform — If  the  KMI  supports  key  recovery,  then  bit  limit 
restrictions  can  be  lifted  on  encryption  exports,  and  other  countries  will  be 
less  likely  to  institute  import  restrictions  on  U.S.  encryption  since  foreign 
government  interests  can  also  be  met  by  key  recovery  in  the  KMI. 

Foreign  Sales — The  U.S.  government  intends  to  promote  the  advantage 
of  key  recovery  solutions  to  foreign  governments. 

A  GLOBAL  SOLUTION  DEPENDS  ON  INDUSTRY/GOVERNMENT  COLLABORATION 

The Administration's encryption policy would, I believe, satisfy a balanced
cross-section of society's needs. In broad strokes, this policy enables industry
and government to work together to develop and build the infrastructure for
managing encryption keys. Industry can bring their market knowledge and
infrastructure technology and services to the collaborative effort, while the
U.S. government can contribute decades of KMI expertise, and extensive in-place
working relationships with foreign governments.

The Administration has engaged various industry and international groups to
further define the infrastructure concept. All agree that the emergence of a KMI
is necessary. Some in industry, however, continue to seek immediate relaxation
of existing export controls on encryption. The Administration is now discussing
with industry a variety of proposals for export control relaxation. The
Administration is mindful that such relaxation should be consistent with the
objective of encouraging the development of a robust, full-featured, key
management infrastructure that supports key recovery. It would be a terrible
irony if this government — which prides itself on its leadership in fighting
international crime — were to enact a policy that would jeopardize public safety
and national security, as well as weaken law enforcement agencies worldwide.

MYTHS  AND  DISTRACTIONS  IN  THE  ENCRYPTION  DEBATE 

The encryption debate has often been mischaracterized as a struggle between
high-tech industry which wants to sell encryption products worldwide, and the
government which is perceived as wanting to prevent the spread of encryption.
Such myths, and other threads of the encryption debate, are unsound. They do not
address the issues at hand, they can cause unnecessary conflicts among those
that are pursuing them, and they ultimately delay the resolution of the hard
problems. These myths and distractions include product availability, brute force
attacks, and comparisons to the Clipper initiative.

Product  "Availability"  Is  A  Bad  Metric  For  Basing  Policy  Decisions 

Most measurements of product availability are inadequate (incomplete or
inconclusive) since they do not show how many people are using encryption.
Product availability can be measured in a number of ways. Depending on how it is
measured, one could misconstrue the data to conclude that "the encryption genie
is out of the bottle" or that the bottle is tightly plugged. The fact of the
matter is that encryption is widely available (e.g., embedded in tens of
millions of commercial software products) but is not widely used.

Those  who  argue  that  government  encryption  policies  are  outdated  because  "the 
encryption  genie  is  out  of  the  bottle"  (i.e.,  there  are  many  products  advertised  to 
contain  encryption  and  some  of  them  are  available  from  the  Internet)  must  consider 
three  important  perspectives. 

First, encryption is not, and will not be used widely and to its potential (with
confidence by 100s of millions of people) until there is an infrastructure in
place to support it. Encryption is usually not used because there is not an
infrastructure in place to support the distribution of keys among the users of
the products, its key/certificate management often lacks robust integrity, and
it cannot be scaled to support large communities of interoperable communicators.
Furthermore, the products are usually not interoperable. Today, if the
encryption is used at all, it is used very narrowly.

Encryption is not a genie that will magically solve the security problem and the
Administration is not trying to "keep the plug in the bottle". The Administration
wants to help promote a full range of trusted security services providing
privacy, authentication, and data integrity while simultaneously helping our
government, and governments worldwide, uphold their public safety and national
security responsibilities.

Second, serious users of security products don't obtain them from the Internet.
The president of a prominent Internet security corporation was recently asked in
a magazine article on this issue: "Since encryption technology is available as
freeware off the Internet, why would anyone pay a company for it?" He responded
by saying:

"Freeware is worth exactly what you pay for it. I'd rather not implement security
systems using software for which the source code is available to any 12-year-old
who thinks being a hacker is fun."

Third, the Internet does not make the distribution of software-based products,
including encryption, uncontrollable. Most people elect to obtain their software
from legal sources to ensure they do not violate the law, and so that they can
obtain essential product support from software developers. Yes, some people
illegally violate copyright laws when they place commercial software on the
Internet, and some people violate export laws when they place encryption
software on the Internet. However, these illegal actions on the Internet
constitute a very small percentage of the market.

It  Is  Short-Sighted  To  Base  Long-Term  Encryption  Policy  On  Bit  Lengths  And  Brute 
Force  Attacks 

Some have argued that law enforcement and intelligence agencies can build
special-purpose, high-performance computers to enable them to read encrypted
communications. These computers would "break" encryption systems via "brute
force" attacks. This line of argument is a distraction from the real issues at
hand, and I encourage you to consider the following information and put this
debate behind us.

NSA has decades of experience in designing such high performance machines.
Though it would be intellectually stimulating to discuss assumptions on the
design of such theoretical machines, I think a compelling argument against
relying on brute force attacks is made by accepting the estimates for the
performance theoretical machines.

Suppose that the theoretical machine were asked to assist law enforcement to
decrypt a message encrypted by a terrorist organization and that organization
used the algorithm in PGP (Pretty Good Privacy), an encryption package available
on the Internet. That law enforcement investigation would be delayed for quite a
long time, since the theoretical machine would take longer than the estimated
age of the universe (15 billion years) to recover a single message via brute
force. In fact, it would take an estimated 100,000,000,000,000,000 (100
quadrillion) years to recover that message, over six million times the estimated
age of the universe. Moreover, it is important to note that modern cryptographic
systems generate a unique key for each new message; therefore, each subsequent
message would require the same amount of effort.

Clearly, encryption technology can be made intractable against sheer compute
power, and long-term policies cannot be based on bit lengths. Brute force attacks
cannot be the primary solution for law enforcement decryption needs.

The Administration's Approach To Encryption Policy Reform Is Very Different From
Earlier Key Escrow Initiatives (E.g., Clipper)

Some have incorrectly labeled the Administration's proposal "Clipper III." Their
argument is disingenuous. The Administration's proposal differs significantly
from previous key escrow initiatives since it eliminates the focus on bit lengths
and promotes the development of a KMI that can help spread commercial encryption.
The following chart identifies six major criticisms with the Clipper initiative
and the 64 Bit Software Key Escrow initiative, and compares them to the policies
defined by the Administration in its KMI proposal.

The  Administration's  Proposal  Eliminates  Contentious  Issues 


Initiative           Restricted to    Restricted  Restricted  Keys Held   Keys Held By       Keys Support
                     Hardware         to Secret   Bit         by U.S.     Corporate Users,   User's Need for
                     Implementations  Algorithms  Lengths     Government  Within Guidelines  Data Recovery

Clipper              Yes              Yes         Yes         Yes         No                 No
Software Key Escrow  No               No          Yes         No          No                 No
KMI w/Key            No               No          No          No          Yes                Yes

With these impediments addressed, industry and government can work to establish
encryption products that will win acceptance in foreign markets and establish
infrastructure services to support those products.

The U.S. government and U.S. industry share a common goal regarding foreign
markets: each seeks a level playing field upon which U.S. products can fairly
compete. This Administration believes that that goal can, and must be reached
while also addressing law enforcement and foreign government interests via key
recovery.

U.S. ENCRYPTION POLICIES ARE ADDRESSING CONCERNS THAT THE WORLD IS ALSO FACING

All countries that are major producers of cryptography control its export.
Though the U.S. does not have domestic restrictions, some countries control the
import of encryption and its domestic use. Recently, France, Israel, and Russia
imposed import and domestic use restrictions, and several Asian, South American,
and African countries have done so for many years.

Some countries have already expressed concern and may resort to raising import
barriers to U.S. products if U.S. export policies change radically. They are
concerned about the public safety impact to their countries if criminal elements
use encryption to thwart public safety efforts.

The European Union (EU) is considering a key recovery-based key management
infrastructure to address the expected growth in the demand for commercial
encryption. The EU plan, known as the Trusted Third Party or TTP architecture,
protects EU governments' public safety interests by ensuring that keys are stored
with a party other than the originator of the encrypted information. Other
confederations and organizations are also approaching the encryption issue by
including a key recovery feature. For example, the major standards bodies of the
world are designing future standards so that key recovery can be accommodated.
The U.S. is not the only place that recognizes the dual-edges of the encryption
tool.

WRAP  UP 

The Administration is basing its policies on the foundation that the need for
robust commercial encryption will grow and has proposed policy reforms to ensure
that American companies, and the public, can flourish in the future encryption
market. The Administration's approach is not past its time, it is just in time.
The fundamental issue in play is how industry will build a key management
infrastructure to support mass market products with encryption. If an
infrastructure is built that supports key recovery, then the export control
debate can be concluded. Otherwise, governments worldwide are likely to resist
the use of those products because of public safety concerns.

This  is  where  the  Administration  needs  your  help.  Congressional  action  at  this 
time  would  preempt  Administration  attempts  to  reach  a  cooperative  agreement  with 
industry  that  satisfies  all  interested  parties.  It  would  also  result  in  the  world-wide 
proliferation  of  secure  encryption  that  is  contrary  to  the  public  safety  interests  of 
the  U.S.  and  other  nations. 

Though the Administration's proposed policies will have a significant impact on
NSA, I believe they are a reasonable response to a complex, interdependent set of
issues. I hope that the Administration can continue to work with Congress and
industry to reach a resolution of these issues. Thank you for the opportunity to
address this important matter.

Mr. GOODLATTE. Thank you, Mr. Crowell, and let me say to both
of you that I very much appreciate and, as I expressed before,
understand your concern regarding future challenges for law
enforcement and national security, but I think the approach you are
taking is unprecedented.

Let me ask you this question: the administration has advocated
a key escrow system in which private citizens, as a price for using
encryption, would be required to deposit their keys with some third
party to allow Government surveillance at some unspecified time
in the future. Are you aware of any other instance in our law or
tradition in which private citizens are required to take positive
action to assist the Government in its surveillance activity in advance
of any probable cause finding? I think that is unprecedented. What
do you think?

Ms. GORELICK. Well, it's just not an accurate statement of any
administration policy, any iteration of it, that I've ever heard.
There is no attempt, nor has there ever been an attempt or a
proposal, to mandate any action whatsoever domestically.

Mr. GOODLATTE. Well, it certainly is the concern of a great
number of people in this room today that the administration is holding
up export controls in order to force an escrow system in which the
keys to individuals' and businesses' encryption will be accessible to
the Government at some future time, should they need it.

Ms. GORELICK. Let me be very clear about this. What we are
trying to do is use our export policies, consistent with the development
of a consensus internationally, to encourage industry to develop a
key management system that would be interoperable
internationally. This will build a marketplace internationally for systems
that use key management and key recovery. A person in the United
States who does not want to use a system will never have to do
it. What we're trying to do is encourage its growth, but we are
not — I repeat, not — and never have sought to mandate any
utilization of a key recovery system. We hope that people in their own
self-interests will choose that route, but we have never sought to
mandate that, nor, frankly, could we. One can sit at home on one's
computer and develop an algorithm on one's own to encrypt.

And we know, too — it is a premise of our thinking on this — that
there will be individuals, law-abiding citizens, and there will be
criminals who will, no matter what we do, no matter what the
international industry does, will not use any kind of key
management system. And we accept that as a level of risk that is a given
as we move forward on the information superhighway.

Mr. GOODLATTE. Well, I think that begs a response in this sense.
If an individual here, right now — it's absolutely true that there's no
restriction on the level of encryption someone can obtain, but if
Chase Manhattan Bank or Citibank or any other business — and
there are hundreds of thousands of them that conduct international
business — wants to have that same encryption sent overseas to
their overseas affiliates so that they can communicate together
using encryption, they are faced with export controls that limit
their ability to do that. And the same thing would be true of any
individual who wanted to communicate internationally, which is,
quite frankly, what the Internet is all about.

Mr. Crowell. Mr. Chairman, first of all, with reference to the
banking industry, two things. One, the banking industry has been
allowed to export cryptography for at least 17 years without any
great restriction. They use 56-bit DES quite extensively in their
businesses, and, I might add, they have established a key recovery
system which they use in order to protect their business interests.
Today if law enforcement wishes to access the records of a bank,
it does so through their own voluntary key recovery system, not
through any mandated system that the Government has
prescribed.

Mr. GOODLATTE. Mr. Crowell, let me follow up on that and ask
you about something else that concerns me in the same area, and
that is it's my understanding now that the administration wants
to preclude judicial review of Commerce Department export control
decisions under their new plan and that you have sent to the
Banking Committee — or the administration has — amendments to the
Omnibus Export Administration Act right now that accomplish just
that purpose.

Mr. Crowell. I believe Mr. Reinsch, who is representing
Commerce Department, should address that question, sir.

STATEMENT  OF  WILLIAM  A.  REINSCH,  UNDER  SECRETARY, 
BUREAU  OF  EXPORT  ADMINISTRATION,  DEPARTMENT  OF 
COMMERCE 

Mr. Reinsch. That has a very long history, Mr. Chairman. The
language that is in the Export Administration Act proposal, H.R.
361, which has already passed the House, is language that was
developed as a result of a conference compromise in 1990 which was
ultimately vetoed by then-President Bush. Over the years, and as
we've looked at it, we have concluded that there are some
ambiguities in that language that need clarification, and we have
suggested to the Senate, which now has the bill, the bill having passed
the House, that with respect to the judicial review provisions we
would like to have an amendment that would clarify the
ambiguities.

The effect of the amendment would be to make clear that in
decisions that involve export controls for national security or foreign
policy, which is the basis for the Export Administration Act, that
the court in undertaking judicial review would not be able to look
behind the process by which that decision was made and reexamine
the President's national security or foreign policy reasons for
imposing a control.

Mr. GOODLATTE. Now let me ask a related concern, and that is
that it's my understanding that a working group of the OECD is
meeting today in Paris to draft recommendations concerning
encryption.

Ms. Gorelick, isn't it true that the Justice Department is actively
promoting key escrow in the international arena in places like the
OECD and the European Commission against the express interests
of a vast number of interested parties, including U.S. business,
Internet advocates, computer users, and many Members of
Congress? And isn't this an attempt to achieve abroad what the
administration has not been able to achieve at home, and an end-run
around Congress?

Ms.  Gorelick.  Absolutely  not.  We  have  been  quite  forthright, 
and  we've  told  the  members  of  this  committee  and  anyone  else  who 
asked what we were doing and for very good reason. I mean this

Mr. GOODLATTE. Well, we know you're doing it, but we're a little
hamstrung in our ability to do it, and it concerns us that one arm
of the administration is pushing limiting judicial review of this and
another arm is actively pushing an opportunity to reach
international agreements which would preclude the Congress from
setting its own standard. What recourse are the American people
going to have if the executive branch of government wipes out our
ability to seek redress of grievances from what we think are
improper government actions if you put in amendments — and,
hopefully, we will stop this amendment — that preclude our ability to
seek judicial review of administration decisions, and you pursue,
actively, international policies that eliminate our ability to seek
legislative remedies to this problem?

Ms. GORELICK. With all due respect, Mr. Goodlatte, nothing that
we are doing in the OECD precludes this Congress from enacting
laws that would go in a different direction. Right now the proposals
that we are advocating — and we believe there is an international
consensus around them which is very important, and I'd like to
take a moment to address that — are completely consistent with
U.S. policy. We believe — really contrary to the assumption in your
question — that it will benefit U.S. industry to have an
international agreement that represents a view of all of the countries
that might regulate and all of the countries that might produce,
encryption technology.

If you have one international standard and international
interoperability, there will be a much greater market for our own
domestically-produced products. The implication that all that stands
in the way of U.S. industry are our export barriers is wrong; it's
just factually wrong. Our export barriers serve as the import
barriers of our foreign partners. And if we lower — as your proposal
would do — our export barriers, with no extant international
agreement with these other countries, they will simply raise their export
barriers. We have seen this in France; we have seen it in Russia;
we've seen it in Israel. We know that a similar regime is going to
be taking place within the European Union and in Great Britain.

There  is  no  question  in  my  mind  that  if  we  act  unilaterally  to 
lower  our  export  barriers,  other  countries  will  raise  their  import 
barriers,  because  they  have  the  same  public  security  and  national 
security  concerns  that  we  do.  So,  we  welcome  this  debate,  but  this 
is  no  end-run.  Our  efforts  are  designed  to  have  a  constructive  effect 
on  the  goal  that  you  indicate  you  seek,  which  is  the  ability  of  U.S. 
commerce  effectively  to  compete  in  the  provision  of  encryption 
products  abroad. 

Mr. GOODLATTE. Well, my time has expired. I would like to
pursue that issue further, but perhaps I can get some time yielded to
me later.

The  gentleman  from  Michigan. 

Mr. CONYERS. Well, thank you very much, sir. I'll yield you as
much time as you want. Do you need a few more minutes? The
discussion is very important, and this is your bill; I am a co-sponsor
of it.

Mr. GOODLATTE. I thank the gentleman very much, and if I may,
Ms. Gorelick, I would like to ask you to go into a little more detail
about how key escrow works internationally. Who's going to have
access to these keys? If not you, maybe Mr. Crowell can answer
that.

Mr. Crowell. The concept in the United States will be by
voluntary key recovery system. That means that people can
self-escrow with their corporations or they can operate voluntarily out of
the system. To use the international system will require that we
have understandings about how we exchange what are called
"public key certificates." These are certificates that bind an individual
to their identity, and the agreements between nations will have to
do with those public key certificates; that is, as a way for us to
encourage the exchange of certificates and the use of encryption
between nations.

If a nation has a key recovery system where they can produce a
warrant to obtain access to the private keys, then they may read
those communications of private individuals within their own
country in accordance with their own laws.

Mr.  GOODLATTE.  Who  issues  that  warrant? 

Mr. Crowell. In this country, it's the judiciary system as you
already understand it, with all of the restrictions that apply.

Mr. GOODLATTE. Well, let's suppose we're talking about
international communications between countries, and some nation
wishes to obtain access to that. What steps do they have to do in order
to secure access to that key, and what protection do other nations
have that that's not going to be abused?

Ms. GORELICK. Well, maybe I can answer that. The same system
would apply as would apply now. For example, if a prosecutor in
France wanted to obtain evidence of a wire communication in the
United States or a documentary piece of evidence in the United
States, there is a process between the two nations' courts that is
effectuated by the two nations' systems of justice that protects the
rights of the party in this country. So, for example, if the
prosecutor in France wanted your bank records, they would make a
request via something called a letter rogatory. It would come through
our courts and the obtaining of those documents would not proceed
without a judicial warrant pursuant to the fourth amendment, or
specified procedures with respect to each type of document.

You would simply use those international structures and
procedures, but for a different kind of information. Here, the information
would be the identity of the person who is associated with a
particular key, and the key to decipher the industry information.

Mr. GOODLATTE. And what is the status of these international
agreements? It is my understanding that no two nations have
reached agreement on this as of yet. Is that correct?

Ms.  GORELICK.  With  respect  to  the  key  management  system?  No, 
this  is  still  in  its  nascent  stages,  but  I  can  tell  you  that  I  do  firmly 
believe,  and  I  think  you  will  agree  if  you  engage  in  conversations 
with  the  individual  responsible  for  security  in  any  of  the  European 
countries  or  other  countries — such  as  Canada,  and  Israel — with 
whom  we  deal,  that  they're  all  moving  in  the  same  direction.  I 
don't  think  any  country  is  going  to  accept  that  communications 
which  are  now  accessible  via  court  order  in  those  countries  would 
be  off-limits,  and  so  I  think  you'll  see  a  consensus  building  around 
a  key  recovery  system.  But  I  don't  mean  to  suggest  that  we  have 
this  regime  in  place  at  the  moment. 

Mr. GOODLATTE. Mr. Crowell.

Mr.  Crowell.  No. 

Mr. GOODLATTE. OK, I yield back my time to the gentleman.
Thank you very much.

Mr.  CONYERS.  Oh,  you're  welcome. 

Good  morning,  Ms.  Gorelick.  We've  got  a  difficult  problem  here, 
haven't  we?  It  probably  won't  get  solved  in  the  104th,  but  this  is 
sort  of  a  tune-up  for  the  next  Congress,  wouldn't  you  say? 

Mr.  GOODLATTE.  I  think  that's  very  accurate. 

Mr. CONYERS. So, and the issues are international; they are
time-sensitive. We've got to try to resolve all of these large questions
that are in some conflict with each other as quickly as we can, and
so I commend my colleague from Virginia for taking the initiative
with Senator Leahy to get this on the table and begin these
discussions today to try to sort out some of the problems that we are
confronted with.

What  I  see  happening  here  is  we're  trying  to  be  competitive,  and 
this  encryption  question  creates  a  bit  of  a  problem.  We've  had  a 
couple  of  international  groups  meeting,  and  they  haven't  been  able 
to  come  to  agreement,  have  they?  Did  you  know  about  the  meeting 
at  which  they  couldn't  reach  any  resolution? 

Ms.  GORELICK.  I'm  not  sure  what  you're  referring  to. 

Mr.  Crowell.  I  don't  think  either  of  us  are  sure  of  which  meet- 
ing you  are  referring  to,  sir. 

Mr.  CONYERS.  How  about  the  OECD  meetings? 

Ms. GORELICK. The OECD discussions are proceeding very, very
well. In fact, they're meeting tomorrow and the day after. There
has been a movement toward consensus. As you know from your
long experience, the discussions within the OECD typically take
quite a while. But I have every reason to be optimistic about it.
The working group, I think, is proceeding quite well, and I'm
unaware of any stalemate or any inability to reach agreement. And
I would say in that regard, Mr. Conyers, that if you don't have
international agreement, if you don't have some level of
international consensus, that is what will stymie the growth of an
encryption system, because it only works if the products are
interoperable, and interoperability only works if there is a common
standard to work toward. So, I think that while it is
time-consuming, these discussions have only gone on over the last year, and I
think they are, indeed, quite productive.

Mr. CONYERS. I'm glad to hear that. That's great news. I
probably received misinformation then. But you're watching that and
I'm glad. I'm happy to know that they're moving forward
satisfactorily.

Now, we've got the mandatory provision for decoding and the
escrow to a third party. If the key escrow plan isn't mandatory,
doesn't that give the bad guys an opening?

Ms. GORELICK. If the system is not mandatory, and I don't know
of any proposal on the table right now to make it mandatory, it
does give people who wish to use encryption without any key
recovery system the ability to do that. But bear in mind two things.
First, the ability to do harm, to really do harm if you are not
connected with the rest of society, is minimized. The real harm that
an international organized criminal activity does is if it can reach
into our banking system, reach into our credit card system, reach
into our transportation system, using encryption, and connect with
legitimate society.

If  you  have  five  guys  talking  on  encrypted  telephones,  which  they 
can  do  right  now,  they  can  certainly  do  harm,  but  they  can't  do 
anywhere  near  as  much  harm  as  they  could  if  they  could  use  the 
same  encrypted  technology  to  talk  to  Citibank  or  to  talk  to  Visa. 
And  that  is  why  we  are  encouraging  legitimate  society  to  move  to 
a key recovery system. In fact, there are folks who right now, as
Deputy Director Crowell says, voluntarily have adopted key
management systems of their own and voluntarily make those keys
available — well, they don't voluntarily make them available; when
we have a warrant they do, but we could get a warrant to get that
information. So, we welcome that and why we're trying to
encourage that trend.

The  second  point  I  would  make  is  this.  Just  as  an  organized 
crime  family  right  now  doesn't  have  to  use  the  telephone — they  can 
go  for  a  walk  in  the  park,  and  they  do — their  compliance  with  their 
own  security  procedures  is  not  complete.  There  is  an  enormous 
availability  right  now  of  encryption  systems  that  aren't  used.  So  I 
would  say  that  if  we  had  most  of  our  society  moving  toward  a  key 
recovery  system  where  there  is  strong  robust  encryption,  and  the 
ability  of  government  to  obtain  keys  is  in  the  very  few  and  limited 
cases  where  we  have  a  warrant  to  do  so,  that  is  really  the  best  of 
both  worlds,  and  that  is  what  we  are  trying  to  encourage. 

I believe that most businesses will find a reason to use such a
system,  and  most  individuals  will  want  to  have  such  a  system  so 
that  they  don't  have  to  worry  about  what  happens  when  they  have 
encrypted  all  of  their  financial  records  and  they  die  and  leave  their 
family  without  any  recourse,  without  any  ability  to  know  what  is 
where.  Most  people  are  going  to  want  to  have  that,  and  I  think  we 
should  encourage  the  development  of  such  a  system. 

Mr.  CONYERS.  No  securities  firm  would  be  comfortable  giving  any 
third  party,  no  matter  how  trustworthy,  the  means  to  access  all  of 
its  confidential  customer  data  and  other  proprietary  information — 
is  that  true  or  false? 

Ms.  GORELICK.  I  have  not  surveyed  securities  firms,  but,  again, 
what  we  are  advocating  would  allow  a  securities  firm  to  maintain 
its  own  keys.  That  is,  if  they  maintain  them  with  security  to  ensure 
the  confidentiality  of  a  law  enforcement  investigation,  the  trusted 
person  doesn't  necessarily  have  to  be  a  third  person. 

Mr. Crowell. And we have discussed and encouraged the use of
a number of systems, including two-man control and other
approaches, that would limit the availability of critical key
information to any single individual in corporations or in governments, or
whatever. We operate a key management infrastructure for U.S.
Government classified information today that does not allow any
single individual to gain access to the keys; it takes two individuals
with proper authority to do that.

Mr. CONYERS. Well, that's helpful, and there will be more
discussion about this as we go along.

Are  you  in  Justice  planning  any  legislative  initiatives  that  will 
help  us  as  we  move  this  piece  forward?  This  bill  will  assuredly  be 
reintroduced  in  the  105th  Congress.  Might  we  expect  pieces  of  draft 
paper  from  the  Department  of  Justice  on  this? 

Ms. GORELICK. Certainly our alternative would require the
enactment of a fairly simple piece of legislation which would create
obligations for those who hold keys. You would want to make sure that
whoever does hold the keys does not release them improperly — that
is, either without the permission of the person whose key it is or
pursuant to an appropriate court order. So, we will certainly have
a legislative companion to the proposal that we ultimately make,
although a great deal of what we would propose to do can be done
administratively.

Mr.  CONYERS.  Oh,  that's  great;  I'm  glad  to  hear  that. 

Finally,  will  the  increased  use  of  encryption  help  prevent  crimes? 
Will  more  widespread  use  of  encryption  promote  national  security? 

Ms. GORELICK. I certainly think that the contribution that the
development and utilization of encryption can make to public safety
is very significant. We would urge that people who want to protect
their records have the ability to do so via encryption. Our approach
is not one that suggests that encryption is bad; to the contrary, we
think it is good. We only believe, however, that there needs to be
some availability, some access to a key to decrypt the information
in those limited circumstances when we have probable cause to
believe a crime is being committed. That's the answer for public
safety, and Bill Crowell can answer for national security.

Mr. CONYERS. Well, let me — hold your answer, because I want to
let some other members in on this. I wanted to raise COCA and
"hooks" here for a minute. I'm referring to the cost of cracking
adjustment in which the private sector has proposed that the
Government add two decoding bits every 3 years to accommodate the
power buildup. Are you favorably disposed to this? And what about
allowing the export of software that has programming interfaces,
"hooks," that allow foreign customers to plug in to whatever
encryption they may wish to use in foreign countries?

Mr.  Crowell.  The  first  question  had  to  do  with  expanding  the 
bit  length  progressively?  I  don't  think  that  would  end  up  being  a 
very  progressive  policy,  because  eventually  you  would  reach  bit 
lengths  that  were  impossible  to  break  under  any  circumstances.  As 
I  mentioned  earlier,  today  there  are  encryption  systems  on  the 
market  that  would  take  100  quadrillion  years  to  break  with  the 
fastest computers on the market today, if you did it via brute force.

So,  we  don't  see  that  as  answering  industry's  interests.  In  fact, 
they're  interested  in  the  largest  bit  length,  the  most  security  that 
they  can  get  in  the  near  term,  and  the  only  way  to  do  that  in  any 
kind  of  balanced  way  is  through  a  key  recovery  system  that  allows 
you  to  still  keep  robust  cryptography  that  no  one  else  can  break, 
and still provide an opportunity for lawful access of either the
individual, the corporation, or law enforcement under proper warrant.
And  that's  why  we  keep  advocating  this  approach;  it's  that  it 
avoids  this  issue  of  what's  the  right  bit  length  that  provides  good 
security  and  access,  and  there  is  none. 

Mr.  CONYERS.  OK,  then  what  about  the  use  of  foreign  customers 
plugging  into  whatever  encryption  that  they  may  use  in  foreign 
countries? 

Mr.  Crowell.  There  are  proposals  for  exporting  what  are  called 
cryptologic  application  interfaces.  They  vary  in  their  approach,  but 
most  of  them  provide  for  conformance  with  U.S.  export  conditions 
by  signing  the  cryptography  that  would  go  into  it.  That  does  two 
things  for  the  industry  that  makes  the  export 

Mr.  CONYERS.  But  you  don't  have  any  objections?  That's  the 
point. 

Mr.  Crowell.  I  was  about  to  get  to  that. 

Mr. CONYERS. Oh, OK; forgive me.



Mr. Crowell. We have an interest in what kind of
cryptographies would be used in those, from both an
interoperability standpoint and from the standpoint of their reintroduction
into the United States.

Mr.  CONYERS.  So  you  have  some  medium-sized  objections,  or  are 
they  large  objections? 

Mr. Crowell. We're working with those industries that are
proposing the export of CAPI's today, and most of those are moving
toward an approved product.

Mr.  Conyers.  I'm  glad  to  hear  that. 

Thank  you,  Mr.  Goodlatte. 

Mr.  Goodlatte.  Thank  you. 

The  gentleman  from  California. 

Mr.  Bono.  Thank  you,  Mr.  Chairman.  I  have  another  meeting, 
so  I  appreciate  you  calling  on  me. 

You  brought  up  the  issue  of  public  safety,  rightfully  so.  Evidently 
you  have  a  high  regard  for  public  safety;  I  do,  as  well.  I  think  it's 
a  primary  issue,  but  I  think  there's  a  question  as  far  as  the  public 
is  concerned  about  the  credibility  of  the  agencies  that  we  now  want 
to  give  more  authority,  as  far  as  invading  their  private  lives.  When 
we  talk  about  public  safety,  when  you  have  an  agency  swear-in 
5,000  aliens  with  criminal  records,  then  the  question  arises,  "How 
concerned  is  that  agency  about  public  safety?" 

When  you  have  files  mystically  go  from  one  place  to  another  and 
no  one  can  tell  how  they  got  there,  or  why  they  got  there  or  what 
they're  doing,  there  is  a  tremendous  lack  of  credibility,  certainly  in 
my  district,  as  far  as  turning  over  more  records  to  these  people.  It 
seems  to  me  that  when  you  raise  the  issue  of  public  safety  that  I 
would  be  more  concerned  coming  here  and  testifying  and  making 
sure  that  those  agencies  were  absolutely  pristine — and  they're  not. 

It's  reported  that  the  FBI  duped  a  suspect  into  making  a  training 
film,  and  it  hasn't  been  denied.  So,  there's  all  this  mystery  about 
these  agencies.  That  mystery  has  to  be  cleared  up  because  it  leaves 
a  huge  question  mark  in  the  minds  of  the  public.  I'm  not  prepared 
to  give  any  agency  more  authority  when  I  don't  trust  it.  Frankly, 
I  don't  trust  any  of  them — we're  investigating  the  INS  for  releasing 
prisoners  and  other  crimes.  It's  very  nice  to  have  this  technical 
rhetoric  that  we're  having,  but  I  would  not  be  comfortable,  nor 
would  I  even  consider  giving  agencies  more  authority  until  they 
displayed more prudence in how they go about what they're
supposed to do, as far as it's concerned with public safety.

Ms. GORELICK. Well, I would answer that question with a
question which is, How do you feel about your local law enforcement
authorities?

Mr.  Bono.  Very  good. 

Ms. GORELICK. Well, half of the wiretaps in this country are
performed by your local law enforcement authorities, and they would
be equally as frustrated as Federal law enforcement authorities.
We are not seeking any

Mr. Bono. I think you're talking apples and oranges there. My
local law enforcement does not cast a lot of mystery on its
behavioral patterns as far as public safety is concerned within the
district. So there's a difference there. To say that they are simply law
enforcement officers therefore, they should have all these
privileges, and then to see an abuse of those privileges doesn't cut it.
When I was mayor, my police department in my district was and
is squeaky clean. I can't say that about the Federal agencies.

Ms. GORELICK. Well, let me try to make my point a little more
clearly then. The system that we are talking about here today
would give no more authority to any law enforcement agency than
it currently has. It would simply maintain the status quo. If you
frustrate that system, if you frustrate the ability of a court to order
a wiretap, for example, you frustrate it not just for Federal law
enforcement, which you say you don't trust, but you frustrate it for
all of law enforcement. You cannot have one system in this regard
for Federal and one for State and local.

Now,  it  may  be  that  you  think  Federal  law  enforcement  should 
not  have  the  ability  to  search  consistent  with  the  Constitution.  It 
may  be  that  you  wish  to  repeal  the  1968  wiretap  law.  It  may  be 
that  you  wish  to  simply  stop  investigating  organized  crime  and 
international narcotics or domestic narcotics organizations.
Wiretapping is key to all of those investigations. If you are not ready
to  do  those  things,  the  proper  course,  I  would  suggest,  is  to  put  in 
place  a  sensible  encryption  policy. 

And  if  there  are  reforms  that  need  to  take  place  with  regard  to 
Federal  law  enforcement  or  the  Immigration  and  Naturalization 
Service,  I'll  be  with  you  every  step  of  the  way  to  put  those  in  place. 
But  I  do  not  think  that  the  way  to  reform  the  Immigration  and 
Naturalization Service is to have an encryption policy that
frustrates legitimate Federal, State, and local law enforcement.

Mr.  Bono.  Well,  I  submit  to  you  that  unless  we  start  a  different 
behavioral  pattern  on  the  part  of  the  Federal  law  enforcement 
agencies  and  on  the  part  of  the  Federal  agencies,  that  that  is  the 
number  one  priority  over  the  concern  of  access.  You  will  never  get 
public  approval  of  the  credibility  of  these  agencies.  It's  shattered, 
and  it's  going  to  continue  to  be  shattered.  If  there  are  more  things 
that pop open, I can't support giving anything to any Federal
agency, as far as law enforcement is concerned, because I absolutely
don't trust them.

Mr.  GOODLATTE.  The  gentleman  from  Texas,  Mr.  Bryant. 

Mr.  Bryant  of  Texas.  Thank  you,  Mr.  Chairman. 

I  was  out  of  the  room  at  another  committee,  briefly,  and  missed 
some  of  what  you've  said,  but  I  think  I've  read,  Ms.  Gorelick,  your 
entire  statement  while  sitting  here.  I'm  a  little  confused  about 
what  it  is  you  want  in  the  way  of  legislation,  or  don't  want.  I  heard 
you  answer  the  first  question  by  the  chairman  that  made  me 
think — maybe  I  should  just  ask  you  to  tell  me  what  you  want. 

As  I  read  it  here,  you  say  that  you  do  not  want  to  see  widespread 
use of strong encryption unless there is a key system in which the
Government  can  get  access  to  the  key  if  it  feels  a  need  to  do  so. 
What  I  read  seems  to  be  at  odds  with  what  I  heard  you  say  to  the 
chairman  a  moment  ago. 

Ms. Gorelick. Mr. Bryant, what I said at the outset is this. First
of all, I am somewhat hamstrung by not having the
administration's decision to announce, but the underlying policies are
consistent with those that we've discussed with this committee before, and
they are these: We would not support the unilateral dropping of
our export barriers with no international agreement for place to a
key management system. We believe that there needs to be an
internationally-adopted key recovery system and that we need to
encourage industry to build products consistent with such a
system. We do not promote the prohibition of the use of unescrowed
encryption domestically.

So, when I answered Mr. Conyers's question, what I was saying
was this: We would support legislation, and will on certain
proposed legislation, that would establish the rights and
responsibilities — primarily responsibilities — of someone who would hold a key
so that you could be assured that if you gave your key to American
Express or a bank, which might set itself up as an escrow agent,
that you would be assured that should that entity divulge the key
or disclose the key without your permission or without a
court-ordered search warrant, that you would have a civil remedy against
them, and there would also be a criminal penalty.

Mr. Bryant of Texas. Well then, why, if you do not support
legislation to prohibit the use of strong encryption without a key
system, then what difference does it make? I mean, if you don't
support laws to force people to use the key system, then there's going
to clearly be strong encryption without keys out there.

Ms. GORELICK. We don't think so. We believe that the
international market which will drive where encryption products go will
ultimately demand an encryption product that utilizes a key
recovery system, and that if we can use our own export policy to
encourage the development of that system, if we can work with our
foreign partners toward the development of that system, the
marketplace will do the rest, that is

Mr.  Bryant  of  Texas.  But  wouldn't  that  require  that  they  have 
a  law  forcing  you  to  have  a  key  in  other  countries?  Otherwise,  if 
they  did  the  same  thing  you're  talking  about,  then  they  would  have 
a  nonkey  domestic  system  and  we  would  have  a  nonkey  domestic 
system, and you would have exactly what you're saying is
dangerous.

Ms. GORELICK. I think other countries are either likely to
prohibit the use of encryption without a key recovery system or to
adopt domestic policies which encourage the development of a key
recovery system, such as utilizing governmental purchases of a key
recovery system to jump-start the market, such as a certification
system in which a government would certify to its people that a
particular product is appropriate for use, so that, internationally,
the marketplace will develop toward a key recovery system that is
the same and that our American industry could build toward.

Mr. Bryant of Texas. Well, I don't want my questions to suggest
that I like the idea of requiring, or indirectly requiring, a key
recovery system. I'm undecided on the matter, and I'm uncomfortable
with the idea that I would have to put my key somewhere so that
the Government, if it decided I was a suspicious character, could
get a warrant and check out what I'm sending to the other branch
of my company. I'm skeptical about it, and I don't want my
questions to be interpreted as being supportive, yet, of that idea.

Ms. GORELICK. Well, let me suggest to you that I believe — and
we can come back in four or five years and see what happens — but
I believe you will have encryption and that you will voluntarily
place the key with someone that you, indeed, trust so that if you
do need to recover it some day or your heirs need to recover it or
your lawyer needs to recover it, that can be done pursuant to court
order — not just in an investigative context, but in some other
context, as well. And I think that that is what the future will hold for
most people.

Mr.  Bryant  of  Texas.  Thank  you. 

Mr.  GOODLATTE.  I  thank  the  gentleman. 

The  gentleman  from  Florida,  Mr.  Canady. 

Does  the  chairman  have  any  questions?  OK. 

The  gentleman  from  Virginia,  Mr.  Scott. 

Mr. Scott. Thank you, Mr. Chairman, and I apologize for
missing some of the testimony. As the lady from California has
indicated, there are bills on the floor affecting this committee so some
of us are running back and forth.

I'm  a  little  confused  as  to  what's  available  to  people  who  want 
to  do  illegal  things.  What  is  available  to  them  now,  internationally? 
I  guess  we're  talking  about  bits — 40  to  128 — what  can  they  get 
now? 

Mr. Crowell. There are a number of products available
internationally. The most prolific products are 40-bit cryptography
which are readily available in most of the major so-called
shrink-wrap software products and some hardware products, as well.
There are products available over the Internet that have much
larger keys, including some up to 128-bit key lengths. As I
mentioned earlier, the problem with the focus on bit lengths

Mr.  Scott.  What  is  legal  right  now?  You  can  get  up  to  40? 

Mr.  Crowell.  You  can  export  40-bit  cryptography  today  without 
restriction. 

Mr. Scott. If a drug dealer wanted to encrypt his
communications today, what's the most complex system he could use today?

Mr. Crowell. He could download from various sources 128-bit
cryptography, which he would have to assume is trustworthy. He
has no way of verifying that since they are not products available
in the international marketplace.

Mr.  Scott.  OK,  and  if  were  to  use  this  and  this  bill  were  to  pass, 
what  would  happen? 

Mr.  Crowell.  Well,  let  me  take  a  little  different  approach  to  it, 
if  I  can. 

Mr.  Scott.  Or  if  your  bill  would  pass — I  guess  my  question  is, 
if  he's  using  128-bit  cryptography,  how  would  you  know? 

Mr. Crowell. Let me talk about how you use cryptography,
because that is key to some of our arguments about the need for key
management infrastructure. The way public key cryptography
works is that if you have a product that has encryption in it, you
then must generate or have someone generate for you a public key
and a private key; these are pairs. The public key you make
available to people who want to communicate with you and they encrypt
something in that key, and you decrypt it with your private key.

Now  let's  suppose  you  and  I  want  to  communicate,  that  we've 
never  met  each  other,  and  we're  on  the  Internet.  You  send  me  your 
public  key  and  your  address  and  I  encrypt  something  in  your  public 
key.  How  do  I  know  that  you  are  you?  How  do  I  know  that  this 
person  is  not  someone  masquerading  as  you?  And  when  I  send  the 
message, instead of sending it to you, I send it to them; they can
decrypt it. And if by some means you did get it, you wouldn't be
able to decrypt it because it was not in your key pair. So this
infrastructure we keep talking about is not a frill; it's absolutely
essential to the way people will conduct business on international
networks for the future.

So  your  hypothetical  terrorist  may  be  able  to  exchange  keys  with 
some  small  set  of  people  he  can  trust,  but  he  won't  be  able  to  use 
his  Visa  card  if  it's  an  electronic  version,  and  he  won't  be  able  to 
charge  his  phone  calls  if  it's  an  international  phone  card  system 
that  has  encryption. 

Mr.  Scott.  Are  all  of  his  communications  encrypted?  I  mean,  can 
he  communicate  in  plain  text  and  then  go  over — and,  say,  if  I'm 
just  talking  to  you,  I'll  encrypt  that  information? 

Mr. Crowell. Only if he is operating within a system that has
the  infrastructure  that  allows  him  to  exchange  the  public  keys  and 
set  up  the  communications. 

Mr.  Scott.  Well,  say  we  get  together,  and  I  know  you're  going 
to another State and we exchange the keys. Can we not
communicate?

Mr.  Crowell.  You  can  under  that  limited  set  of  circumstances — 
in  the  same  way  that  I  can  give  you  a  pair  of  tin  cans  and  we  can 
communicate, but it's a very limited way of carrying on
communications.

Mr.  Scott.  Yes,  but  if  you  were  to  hook-in,  you  wouldn't  be  able 
to understand — if somebody were to hook into our encrypted
conversation, they wouldn't be able to understand what we were
saying because we have the keys and they don't.

Mr.  Crowell.  For  the  two  of  us,  that's  correct. 

Mr. Scott. OK, now if someone were to tap into that
conversation, with whatever legislation you want, how would they know
that it was an illegal conversation because it was illegally
encrypted?

Mr. Crowell. In the case of the limited circumstance you
specified, which is two individuals who agree in advance to exchange
keys and carry on this communication, unless they could be broken,
we would not be able to enter into that conversation. But if it were
in some larger circumstance, that is, use of a public system

Mr.  Scott.  Well,  let  me  get  this  straight.  If  we  know  in  advance 
who  I'm  trying  to  communicate  with  and  we  have  exchanged  the 
appropriate keys in advance, then none of this makes any
difference. Is that what I'm understanding?

Ms.  GORELICK.  That's  correct. 

Mr.  Scott.  And  the  only  thing  we're  talking  about  are  kind  of 
broadcast  conversations? 

Mr.  Crowell.  No. 

Mr.  Scott.  What  I  mean  by  broadcast  is  sent  out  to  a  bunch  of 
people. 

Mr.  Crowell.  No,  if  you  want  to  carry  on  a  conversation  in  a 
large  environment  internationally,  with  corporations,  with  Visa 
card  companies,  with  whatever,  you  will  be  using  systems  in  which 
they  will  require  key  recovery.  For  example,  home  banking  systems 
will  have  key  recovery  associated  with  it  so  that  they  can  recover 
the  transactions 



Mr. Scott. If you have terrorists or people conducting illegal
operations, they will at some point be able to communicate with who
they want to communicate with and none of this — this bill or what
you want — none of that will make any difference?

Ms. GORELICK. If I might try to respond to that. It makes a
difference in that as soon as they get out of that small cell, that small
box

Mr.  Scott.  If  they're  terrorists,  why  do  they  want  to  get  out 
of 

Ms. GORELICK. Because they have to move money, to get
supplies, to make international phone calls. The connectedness of a
group to the rest of society is what makes them more dangerous.
Will we have visibility into all possible phone conversations? No.
Do we have that now? No. Is it feasible for us to have it? No. Can
someone take a walk in the park and avoid the current phone
system altogether? Yes. Is that an element we live with today? Yes.

But do we want to limit the harm that can be done, limit the
ability of such people to function without any ability by law
enforcement to see what is happening pursuant to a legitimate court
order? That is what we are trying to do, and I will tell you that
law enforcement officials, from local sheriffs to the folks who do our
most highly-classified national security work, believe — and we can
talk about this in a closed session — that if you can cut off access
to the system of commerce generally, if you can keep that cell
smaller, you can minimize the harm, and that is very, very
important to do. I don't think it is fair to say that just because folks can
get together and have a small group of them communicate right
now, that that's all we need to worry about — it is not.

Mr.  Crowell.  And  I  would  add  that  they've  had  cryptography 
available  to  them  for  the  last  50  years  that  could  have  allowed  that 
kind of communication. Even though it wasn't commercially
available, it was readily available as technical knowledge in books that
were  published  throughout  the  United  States  and  internationally. 

Mr.  GOODLATTE.  I  thank  the  gentleman. 

The  gentlewoman  from  California. 

Ms.  LOFGREN.  Thank  you,  Mr.  Chairman. 

I also apologize for not being here to hear your opening
statements because of legislation on the floor, which I think we're going
to get called off again to do. However, I have had a chance to read
your written statements, and sometimes I think that there is just
not good communication going on. And I'm hopeful that as we move
through this that that can change.

Unlike my colleague from California, I don't think that the law
enforcement agencies at the national or local level are trying to do
bad things or run rough-shod over the country or want to violate
rights. Sometimes there are mistakes made, and I think we all
condemn them, including those of us in leadership positions. But I
think your goal is an honorable one, which is to keep our country
safe, and that's a goal that I share. The problem is, I don't think
what you're doing with encryption advances that goal one darned
bit, and I'm very concerned that the negative impact on our
country, economically, for something that will not actually achieve the
admirable goal that you have, will be serious, indeed.



I  understand  from  reading  your  statements  that  it  is  the  view  of 
the  administration  that  there  really  isn't  good  encryption  available 
in  international  markets.  If  that's  inaccurate,  please  advise  me  of 
that,  but  I  was  mystified  by  that  because  it's  certainly  not  the  in- 
formation I  have  from  Silicon  Valley  when  I  talk  to  people  who  are 
getting  beat-out  in  competition  for  sales  and  seeing  their  market 
share  decrease  dramatically,  and  I'm  just  wondering  about  some  of 
the  programs  available. 

As  you  know,  I  think  Singapore  is  now  aggressively  moving  into 
SAFER-SK  technology  and  I  think  Coopers  and  Lybrand  did  ac- 
quire from  the  German  vendor,  KryptoKom,  triple-DES  for  their 
business,  and  that  was  a  direct  business  loss  to  Silicon  Valley  and 
the  United  States.  So  it  appears  to  me,  at  least,  that  there  is  very 
good  foreign  material,  and  I  hear  that  from  their  U.S.  competitors, 
that  it's  very  high  quality  stuff.  And  also  what  is  happening 
abroad,  especially  in  Japan,  which  is  of  great  concern  is  their  new 
plan  to  manufacture  heavily-encrypted  mobile  phones,  as  well  as 
the  $200  million  that  they  are  spending  through  their  government's 
international  trade  division  on  research  and  development  in 
encryption. We have a rather checkered economic relationship with
Japan;  I  don't  know  that  we've  cut  a  deal  with  them  for  them  to 
stop  competing  with  our  companies. 

Whoever  wants  to  address  the  quality  of  what's  available — or 
maybe  I've  misconstrued  your  comments — but  I'd  be  very  happy  to 
hear  that. 

Mr.  Crowell.  There  are  a  variety  of  products  on  the  market, 
some  of  which  are  of  quality  and  some  of  which  are  of  dubious 
quality.  In  addition,  many  of  those  products  do  contain  various 
forms  of  key  recovery  or  key  escrow.  The  House  Foreign  Affairs 
Committee  2  years  ago  produced  for  me  some  of  those  products 
that  were  available.  One  of  those  product's  instruction  manuals,  for 
example,  which  says  that  it  is  very  robust,  56-bit  DES  cryptog- 
raphy, in  the  instructions  said,  "But  if  you  should  lose  your  key, 
please  see  your  supervisor  and  he  will  make  sure  that  you  get  a 
new  one." 

Ms.  LOFGREN.  If  I  may — I  mean  two  years  ago  in  this  technology 
is  like  prehistory. 

Mr.  Crowell.  I  agree,  and  it  is  moving  in  the  direction  of  better 
quality  products  in  terms  of  the  encryption  algorithms,  but 
encryption  is  only  a  portion  of  the  battle.  Security  is  about  5  per- 
cent encryption.  The  rest  of  the  security  comes  from  how  it  is 
bound  to  the  mechanisms  in  which  it  is  used.  Does  it  have  a  key 
management  infrastructure  that  supports  it  that  allows  me  to 
know  who  I  am  dealing  with?  Does  it  have  some  kind  of  recovery 
mechanism  so  that  I  can  recover  if  I  should  lose  my  password  and 
keys  and  so  on?  Does  it  meet  the  national  requirements? 

Ms.  Lofgren.  If  I  may,  sir — I  don't  want  to  be  rude,  but  my  time 
is  running  out.  Clearly,  you're  not  disputing  that  high  quality- 
encrypted  128-bit  triple  DES  products  are  being  produced  abroad 
and  purchased  abroad  instead  of  being  produced  and  purchased 
here.  Is  that  correct? 

Mr.  Crowell.  There  are  products  being  purchased  abroad  that 
include  varying  bit  lengths  of  cryptography,  including  56-bit  DES 
and  128-bit. 



Ms.  LOFGREN.  My  time  has  expired,  Mr.  Chairman.  I  don't  want 
to  be  unfair. 

Mr.  GOODLATTE.  We'll  allow  the  witness  to  answer. 

Ms.  GORELICK.  If  I  might  just  respond  to  make  two  points  that 
we  discussed  in  your  absence:  one  is  that  in  order  for  there  to  be 
a  large  market  for  our  companies  to  go  after,  there  needs  to  be,  I 
think, some standard, some consensus, so that you have interoperable
systems. If you had an international key management infrastructure,
you would have a much greater marketplace. And key
recovery  will  be  a  part  of  that  infrastructure.  You  would  also  have 
digital  signatures;  you  would  have  digital  directories  of  users  and 
keys;  you  would  have  a  system  of  authentication  which  would  make 
the  marketplace  much,  much  greater,  and  that  is  what  we  are  try- 
ing to  work  toward.  Otherwise,  you're  going  to  have  a  proliferation 
of  little  systems  which  have  limited  utility  because  they  don't  talk 
to  each  other;  they  operate  on  different  algorithms  and  different 
key  lengths. 

Ms.  LOFGREN.  May  I  ask  a  question,  because,  clearly,  you  need 
systems  that  work.  Users  of  the  system  certainly  need  to  have  a 
workable  system;  I  don't  disagree  with  that.  But  I  have  not  heard 
anybody  in  the  industry  who  is  in  this  business — and  I  hear  from 
them  all  of  the  time  back  in  Silicon  Valley — who  says  that  they  can 
sell  key-escrowed  material.  I  mean,  no  one  wants  to  buy  it,  and  it's 
not  competitive,  and  they  can't  sell  it.  And,  meanwhile,  we've  got 
pretty  good  companies  offshore  that  are  selling  very  high  quality 
products  that  are  not  even  messing  with  key  escrow  that  are  eating 
up  the  market. 

So,  I  guess  my  question  is — there's  interoperability  and  then 
there's  the  key  escrow  plan  that  I  think  the  administration,  for  the 
best  of  motives,  is  trying  to  pursue  that  does  not  fit  in  the  market- 
place from  what  I'm  hearing.  And  so  let  me  just  ask  you  this:  We've 
got  a  company  abroad  that  can  sell  triple-DES  in  Japan  and  it  can 
sell  triple-DES  domestically,  and  then  you  have  a  company  in  Sili- 
con Valley  that,  if  it  had  the  money  to  do  two  systems — which  is 
counter-competitive  since  its  competitors  abroad  do  not  have  to  do 
that — can  sell  40-bit  to  Japan  and  more  secure  domestically.  How 
can  that  possibly  allow  our  industry  to  compete? 

Mr.  Reinsch.  If  I  could  respond,  Ms.  Lofgren.  You've  made  a  cou- 
ple of  points.  I  think,  first,  on  the  availability  question,  let  me  sim- 
ply say  that  from  the  Department  of  Commerce's  point  of  view,  in 
our  experience,  the  truth  of  these  things  usually  is  somewhere  in 
the  middle.  Availability  of  the  products  you  describe  is  not  zero,  by 
any  means  but  we've  also  concluded  that  the  claims  of  availability, 
both  in  terms  of  quantity  and  quality  are  often  exaggerated,  often- 
times by  the  producers  of  the  product  for  commercial  purposes, 
sometimes  by  others.  But  the  products  are  out  there. 

What  you  are  describing,  though,  is  the  market  as  it  is  now  and 
the  market  as  it  would  be  in  the  absence  of  any  policy  to  change 
it.  What  we  are  trying  to  do,  and  what  we  hope  to  announce  soon, 
is  the  kind  of  policy  that  will,  hopefully,  move  the  market  in  the 
direction  that  Ms.  Gorelick  and  Mr.  Crowell  have  described;  that 
is,  a  marketplace  in  which  producers  will  produce  and  market  key 
escrow products. And there will be a demand for them internationally
because the other countries, along with us, are coming to the
conclusion that that is the world that best meets our commercial
and  our  law  enforcement  and  national  security  priorities. 

There's  no  question  that  that  world  doesn't  exist  now.  We're  try- 
ing to  get  there,  and  we're  trying  to  do  that  in  a  way  that  does  not 
compel  people  in  that  direction,  but  encourages  them  in  that  direc- 
tion. At  the  end  of  the  day  that  may  not  work,  but  that's  where 
we're  going. 

Ms.  LOFGREN.  Could  I  ask  just  a  quick  question,  even  though  my 
time  has  expired? 

Looking  at  how  we  approach  commerce  in  this  country  is  some- 
times markedly  different  than  how  foreign  governments  approach 
commerce.  We  see  some  foreign  governments  that  are  aggressively, 
as  part  of  their  international  policy,  taking  steps  hand-in-hand 
with  particular  industries  that  are  government-sponsored.  You 
know,  that's  not  the  way  we  approach  commerce  in  America  and 
I'm  not  criticizing  that,  but  I  do  have  a  concern  that  there  are 
countries  in  Europe  that,  to  my  knowledge,  have  not  yet  agreed  to 
restrain  companies  from  producing  triple-DES,  for  example,  that 
are  urging  us  to  continue  our  export  controls,  which  really  put 
their  companies  at  an  economic  advantage.  And  I  guess  I'm  a  little 
suspicious  about  whether  it's  just  law  enforcement  or  a  commercial 
advantage  that  they're  interested  in. 

And  the  other  thing  I  would  like  you  to  address,  really  from  the 
Commerce  Department's  point  of  view,  is  what  is  going  on  in 
Japan?  I  mean,  I  don't  know,  but  I've  done  some  reading,  and  I've 
heard  a  lot  of  anxiety  about  what's  happening  in  telecommuni- 
cations, as  well  as  what  appears  to  be  a  very  substantial  research 
effort  to  wipe  us  out. 

Mr.  Reinsch.  The  simplest  answer  to  your  question  is,  with  re- 
spect to  individual  countries,  particularly  the  Japanese,  that  it 
might  be  a  discussion  we  could  better  have  privately,  and  I'm 
happy  to  have  that  with  you.  We've  had  some  discussions  with  the 
Japanese.  There's  clearly  a  lot  of  R&D;  there's  a  lot  of  commercial 
activity  there.  I  think  it's  fair  to  say  that  there  is  not  yet  a  deci- 
sion— or  a  consensus  might  be  a  better  term  with  respect  to 
Japan — either  on  the  part  of  their  government  or  on  the  part  of 
their  producers  that  the  world  in  which  they  will  be  operating  is 
going  to  be  a  world  of  nonescrowed,  sophisticated  encryption.  In  the 
absence  of  that  consensus,  I  think  they're  going  to  be  very  cautious 
about  what  they  market. 

With  respect  to  the  other  countries — and  my  colleagues  probably 
have  more  to  say  about  this  than  I  do — as  I  understand  the 
progress  we've  made  thus  far,  and  again,  there  are  OECD  meetings 
today  and  tomorrow  that  may  produce  some  more  information  that 
would  shed  more  light  on  your  question,  but  I  think  the  others  are 
moving  in  the  same  direction  that  we  are.  They  are  moving  at  a 
different  pace;  some  have  already,  in  a  sense,  gone  down  a  more 
mandatory  route,  as  Ms.  Gorelick  mentioned,  but  they  seem  all  to 
be  moving  in  the  same  direction;  some  of  them  in  slightly  different 
fashions,  and  I  think  some  of  them  with  an  eye  on  commercial  ad- 
vantage. There's  no  question  about  that. 

The  only  way  the  policy  that  we're  describing  is  going  to  work 
is  if  we  can  enlist  these  other  countries  in  moving  in  the  same  di- 
rection, and  that  will  be  an  integral  part  of  what  we  try  to  do. 



Ms.  LOFGREN.  My  time  has  expired.  I  don't  want  to  abuse  the 
chairman's  generosity. 

Mr. GOODLATTE. I thank the gentlewoman; her questions are excellent.

Mr.  GOODLATTE.  Ms.  Gorelick,  Mr.  Crowell,  Mr.  Reinsch,  we 
thank  all  of  you  for  your  very  generous  amount  of  time  that  you've 
given  us  this  morning.  As  you  can  see  from  the  questions,  there  are 
a  growing  number  of  questions  and  concerns  about  what  you're 
doing,  so  we  look  forward  to  hearing  the  administration's  proposal, 
and  I'm  sure  we'll  have  continuing  discussions  and  I  hope  we  do 
reach  a  resolution  of  this  serious  issue.  Thank  you  all  for  your 
time. 

Ms. GORELICK. Thank you very much, Mr. Goodlatte.

Mr.  Crowell.  Thank  you  very  much. 

Mr.  Reinsch.  Thank  you. 

Mr.  Goodlatte.  Our  next  panel  consists  of  four  witnesses  who 
represent  various  perspectives  from  the  private  sector.  Our  first 
witness  is  Ms.  Melinda  Brown.  She  is  vice  president  and  general 
counsel  of  Lotus  Development  Corp.  Before  coming  to  Lotus,  Ms. 
Brown  was  in  private  practice  in  Boston.  She  joined  Lotus  in  1989 
and  she  has  been  there  since  that  time.  She  appears  here  today  on 
behalf  of  the  Business  Software  Alliance. 

Our  next  witness  is  Ms.  Roberta  Katz.  Ms.  Katz  is  not  only  a 
lawyer,  but  also  a  Ph.D.  in  cultural  anthropology.  She  has  been  a 
partner  in  the  law  firm  of  Heller,  Ehrman,  White  &  McAuliffe,  and 
she  has  also  been  general  counsel  of  McCaw  Cellular  Communica- 
tions. She  is  currently  the  senior  vice  president,  secretary,  and  gen- 
eral  counsel  of  Netscape  Communications  Corp.  She  appears  here 
today  on  behalf  of  the  Information  Technology  Association  of  Amer- 
ica and  the  Software  Publishers  Association. 

Our  next  witness  is  Ms.  Patricia  Ripley.  Ms.  Ripley  is  managing 
director  at  Bear,  Stearns  &  Co.  Ms.  Ripley  is  a  certified  public  ac- 
countant, and  she  was  formerly  with  Arthur  Young  &  Co.  After 
coming  to  Bear,  Stearns,  she  organized  and  now  heads  the  cor- 
porate security  department. 

And  our  final  witness  is  Dr.  Charles  Deneka.  After  a  tour  of  duty 
with the Army, he joined Corning in 1972 and he has been there
since.  Today  he  is  the  senior  vice  president  and  chief  technology  of- 
ficer of  Corning,  Inc.  He  appears  here  today  on  behalf  of  the  Na- 
tional Association  of  Manufacturers. 

We  welcome  all  of  you,  and  we  look  forward  to  hearing  your  tes- 
timony. Your  full  testimony  will  be  made  a  part  of  the  record,  and 
if  you  can  keep  your  remarks  to  5  minutes,  as  many  of  us  have  not, 
we  would  be  very  grateful.  And  we  will  start  with  Ms.  Brown.  Wel- 
come. 

STATEMENT OF MELINDA BROWN, VICE PRESIDENT AND GENERAL
COUNSEL, LOTUS DEVELOPMENT CORP., ON BEHALF
OF THE BUSINESS SOFTWARE ALLIANCE

Ms.  Brown.  Thank  you.  Good  morning,  my  name  is  Melinda 
Brown.  I  am  vice  president  and  general  counsel  of  Lotus  Develop- 
ment Corp.  Lotus  is  an  American  software  company  that  manufac- 
tures a  variety  of  business  software  applications. 



I  want  to  thank  the  committee  for  conducting  this  hearing  and 
the  cosponsors  and  Representative  Goodlatte  for  introducing  this 
bill and sponsoring it. It's been a long-time coming, and it is welcome
in the eyes of the American software industry and our users.

I'm  here  to  speak  on  behalf  of  the  American  software  industry  in 
very  strong  support  of  this  bill.  We  are  a  user-driven,  market-driv- 
en industry.  That's  how  we  became  a  world  leader  in  software,  be- 
cause we  offer  what  our  users  want.  To  remain  viable,  we  must 
offer  market-leading  features  and  functions  that  customers  demand 
or  they  will  simply  go  elsewhere  to  obtain  what  they  need.  And,  of 
course,  as  we've  discussed,  foreign  suppliers  are  offering,  in  some 
cases,  what  our  users  are  expecting. 

Security  is  a  key  feature  of  software.  It's  often  placed  in  the  top 
three  features  that  users  are  looking  for.  Since  1992,  when  soft- 
ware industry  agreed  with  Government  as  a  compromise,  we've 
been  living  with  a  40-bit  level  on  exporting  our  software.  We've 
been  stating  ever  since  that  we  will  lose  market  share  to  foreign 
competitors  that  can  offer  the  current  encryption  standard  which 
is  DES,  or  56-bit  level  encryption.  The  limit  of  40  bits  will  prevent 
growth, maturation, and full use of the Internet, the NII, and the
GII. Why? Because user privacy and protection of individual and
commercial  data  are  a  reality,  and  if  we  don't  enable  our  customers 
and  our  users  to  protect  in  confidence  the  information  that  flows, 
they  simply  will  not  utilize  our  software. 

The  current  reality:  only  American  companies  are  prevented  from 
offering  market-standard  products  abroad,  and  foreign  products 
have  grown  from  a  handful  in  the  early  1990's  to  about  500  prod- 
ucts, nearly  200  of  which  employ  DES.  The  40-bit  products  that 
were  alluded  to  earlier  are  largely  from  American  suppliers,  not 
foreign  suppliers.  If  the  administration  believes  that  these  prod- 
ucts, these  foreign  products,  are  inferior,  that  they  don't  offer  ro- 
bust security,  then  why  won't  they  let  us  export  products  that 
allow  foreign  cryptographic  products  to  plug-in? 

Another  reality,  frankly,  is  that  smart  criminals,  those  that  are, 
I  think,  the  most  dangerous  to  society  and  present  the  greatest  is- 
sues for  the  Government,  won't  use  mass-market  software,  and 
they  certainly  won't  use  a  Government-sanctioned  solution  such  as 
mandatory  key  escrow. 

The  National  Research  Council  report  affirms  industry's  views 
and  recommends  immediate  export  relief  to  56-bit  level.  I  would 
urge  the  committee  to  review  that  report.  The  committee  of  the 
NRC included representatives from the intelligence, justice, and industry
sectors; it was a very high-quality panel that spent 18
months  reviewing  information,  most  of  it  classified  from  the  Gov- 
ernment. The  Government's  most  compelling  arguments  and  data 
opposing  export  relief  above  40  bits  was  presented  to  this  commit- 
tee, exhaustively  reviewed,  and  the  committee  decided  in  favor  of 
recommending  export  relief  to  56  bits. 

We  cannot  wait  for  implementation  of  a  key  escrow  or  key  recov- 
ery system  that  is  satisfactory  to  or  mandated  by  the  administra- 
tion. This  has  been  a  process  that  has  been  going  on  not  for  1  year, 
but  for  many  years  since  the  announcement  of  the  Clipper  Ship 
proposal.  In  the  meantime,  industry  will  continue  to  suffer.  We  will 
lose our world leadership share, and, eventually, users will simply
default to the foreign suppliers. I am here to urge you, if not in this
session,  in  the  next  session,  to  grant  export  relief  to  the  American 
software  industry. 

Thank  you. 

[The  prepared  statement  of  Ms.  Brown  follows:] 

Prepared Statement of Melinda Brown, Vice President and General Counsel,
Lotus Development Corp., on Behalf of the Business Software Alliance

Good  Morning.  My  name  is  Melinda  Brown  and  I  am  Vice  President  and  General 
Counsel  of  Lotus  Development  Corp.  with  headquarters  in  Cambridge,  Massachu- 
setts. Lotus  develops  and  sells  business  software  including  such  highly  popular  pro- 
grams as  Lotus  Notes. 

I  greatly  appreciate  the  opportunity  to  appear  today  before  this  Committee  on  be- 
half of  the  Business  Software  Alliance  (BSA).  The  Business  Software  Alliance  pro- 
motes the  continued  growth  of  the  software  industry  through  its  international  public 
policy,  education,  and  enforcement  programs  in  65  countries  throughout  North 
America,  Europe,  Asia,  and  Latin  America.  BSA  worldwide  members  include  the 
leading  publishers  of  software  for  personal  computers  including  Adobe,  Autodesk, 
Bentley  Systems,  Lotus  Development,  Microsoft,  Novell,  The  Santa  Cruz  Operation, 
and  Symantec.  BSA's  Policy  Council  consists  of  these  software  publishers  and  other 
leading  computer  technology  companies  including  Apple  Computer,  Computer  Asso- 
ciates, Digital  Equipment  Corp.,  IBM,  Intel,  and  Sybase. 

But  we  really  are  here  today  to  speak  on  behalf  of  the  tens  of  millions  of  users 
of American software products. The American software industry has succeeded because
we have listened and responded to the needs of computer users worldwide.
We  develop  and  sell  products  that  users  want  and  are  willing  to  pay  for.  We  have 
no  ability  to  force  users  to  buy  what  they  don't  want. 

One  of  the  most  important  features  computer  users  are  demanding  is  the  ability 
to  protect  their  electronic  information  and  to  securely  interact  worldwide.  American 
companies  have  innovative  products  which  can  meet  this  demand  and  compete 
internationally. But there is one thing in our way—the continued application of outdated,
unilateral, "munitions" export controls by the U.S. Government.

For  that  reason  BSA  strongly  supports  H.R.  3011,  the  Security  and  Freedom 
through Encryption (SAFE) Act. Right at the start I want to commend Representative
Goodlatte for his vision and leadership in introducing this bill, and the other
Members  of  this  Committee  who  have  cosponsored  the  bill — Representatives  Moor- 
head,  Schroeder,  Coble,  Barr,  Bono,  Lofgren,  Boucher,  Chabot,  Frank,  Heineman 
and  Jackson  Lee.  We  also  thank  the  distinguished  Ranking  Member,  Mr.  Conyers, 
for  his  support.  Finally,  thank  you,  Mr.  Chairman,  for  holding  this  hearing. 

I also want to thank Senator Burns for introducing S. 1726, the Promotion of Commerce
On-Line In The Digital Era (Pro-CODE) Act and Senator Leahy for introducing
S. 1587, the Encryption Communications Privacy Act (ECPA) as well as recognize
Chairman Pressler's strong support.

While  these  bills  differ  in  some  respects,  they  all  modernize  export  laws  regarding 
software  and  hardware  with  encryption  capabilities  thereby  permitting  American 
software  companies  to  compete  on  a  level  international  playing  field  and  providing 
computer  users  adequate  protection  for  their  confidential  information.  But  it  also  is 
important  to  remember  that  the  Administration  can  on  its  own  initiative  liberalize 
these  controls  at  any  time. 

THE IMPORTANCE OF THE AMERICAN SOFTWARE INDUSTRY

The  incredibly  dynamic  U.S.  computer  software  industry  is  an  American  success 
story. Since 1980 the industry has grown seven times faster than the rest of the
economy  and  today  is  now  larger  than  all  but  five  manufacturing  industries.  Con- 
servative estimates  are  that  more  than  500,000  people  are  employed  in  the  com- 
puter software  industry  alone — more  than  1.2  million  are  employed  in  the  software, 
hardware  and  semiconductor  industries.  This  economic  success  has  fueled  the  R&D 
for  new  generations  of  products  and  spurred  an  abundance  of  market-leading  prod- 
ucts and  choices.  Today,  computer  users — consumers — enjoy  unprecedented  access  to 
information  that  is  changing  the  way  we  all  live  and  work.  A  prime  example  is  the 
Global  Information  Infrastructure,  which  is  made  possible  by  the  software  that 
routes  information  and  helps  the  user  navigate  oceans  of  information. 

The computer software industry also is one of our country's most internationally
competitive. American-produced software accounts for over 70% of the world market
in software, with exports of U.S. programs constituting half of many software companies'
revenues. This means jobs, highly-skilled, well-paid jobs, and economic prosperity
here in the U.S.

THE  NEED  FOR  IMMEDIATE  EXPORT  CONTROL  RELIEF 

1.  The  Importance  of  Encryption 

Everyone  agrees  that  strong  encryption  is  essential  to  fulfilling  the  promise  of  the 
Global Information Infrastructure (GII). Encryption can protect the confidentiality
and privacy of electronic information as well as ensure its authenticity and integrity.
Without encryption, businesses and individuals will not entrust their valuable
proprietary  information,  creative  content,  electronic  commerce,  and  sensitive  per- 
sonal information  to  move  over/travel  within  electronic  networks.  Those  who  do  will 
risk  unauthorized  disclosure,  theft  and  alteration  of  their  information  or  trans- 
action. 

The  widespread  use  of  encryption  is  also  necessary  to  protect  our  national  secu- 
rity. Without  encryption  the  electronic  networks  that  control  such  critical  functions 
as airline flights, health care functions, electrical power and financial markets remain
highly vulnerable. Indeed, recently the nation's leading papers have paid
greater  attention  to  the  possibilities  of  "cyberterrorism"  and  "infowar." 

2.  The  Problem  With  Current  Unilateral  U.S.  Export  Controls 

Currently there are no restrictions on the use of cryptography within the United
States.  However,  the  United  States  Government  maintains  strict  unilateral  "muni- 
tions" export  controls  on  computer  software — even  mass  market  software  programs 
such  as  Lotus  Notes — which  offers  strong  encryption  capabilities.  Therefore,  we  can 
provide programs with strong encryption to customers in the United States but we—
and  they — can't  export  those  same  programs.  This  is  problematic  for  users  because 
they need global interoperability and for software companies because of the additional
cost of developing and selling two versions of their program worldwide to
meet  this  user  need. 

The  inability  of  American  software  companies  to  supply  their  users  worldwide 
with  strong  encryption  to  meet  their  legitimate  needs  for  information  security  di- 
rectly threatens  the  continued  success  of  our  industry.  Moreover,  American  com- 
puter users'  information  remains  vulnerable.  Finally,  and  perhaps  most  importantly, 
U.S.  export  controls  threaten  to  dislodge  continued  American  leadership  in  develop- 
ing the  Global  Information  Infrastructure. 

American  software  companies  have  been  forced  to  continue  limiting  the  strength 
of their encryption to the 1992 40-bit key length level—despite an Administration
commitment at that time to increase key lengths regularly to take into account technological
and market developments. This 40-bit level ignores the facts that: the current
world benchmark is DES with 56-bit keys, hundreds of alternatives are available
from foreign manufacturers and off the Internet (about half using DES), and
40 bit encryption is susceptible to commercial attack.

3. DES-Level Strength Encryption Is The Minimum Necessary Today For Vendors To Be Competitive and User Information To Be Properly Protected

The Data Encryption Standard (DES) algorithm with 56-bit key lengths (developed
by government and industry in the 1970's) continues to be the worldwide
"benchmark" algorithm. It is taught in classrooms everywhere. It remains the U.S.
Government's standard for unclassified confidential information. Moreover, all the
proposed "Internet Protocols" addressing security call for encryption at least at the
DES level (recognizing the growing popularity of "triple DES" with 112-bit keys and
PGP with 128-bit keys). It is essential to understand that the backbone of the Global
Information Infrastructure is the Internet—a network of networks not controlled
by  any  one  government  or  organization.  In  the  last  few  years,  American  companies 
have  recognized  that  they  must  adapt  their  business  plans  to  work  with  the 
Internet,  rather  than  instead  of,  or  even  in  addition  to,  the  Internet.  Companies 
wishing  to  provide  software  for,  or  do  business  on,  the  Internet  must  acknowledge 
such  standards  if  they  are  to  have  any  chance  of  gaining  widespread  acceptance. 

Continued unilateral U.S. export controls also have not been effective in restricting
the availability of encryption abroad. A recent Department of Commerce study
confirms the widespread availability of foreign manufactured encryption programs
and products. An on-going industry study reveals that as of December 1995 there
were 497 foreign programs and products available from 21 countries, 193 of which
employ DES. (There are also 684 American programs and products—330 with
DES—readily transferable abroad with a modem and public telephone line). The
General Accounting Office also confirmed last year industry's assertion that sophisticated
encryption software on foreign Internet sites were widely available to foreign
users. Pretty Good Privacy ("PGP")—with 128-bit keys—is available for free on the
Internet  and  is  soaring  in  popularity. 

I  would  like  to  mention  just  two  specific  examples  with  respect  to  this  foreign 
availability of products. First, we understand that the world's largest telecommunications
company—Nippon Telephone and Telegraph (NTT)—is about to market triple-DES
chips worldwide. Some will tell you that the Japanese Government has promised
our Government that they will not allow the chip to be exported: but that is
not  what  BSA  representatives  were  told  in  Japan  last  month  and  it  is  certainly  not 
the  approach  taken  in  a  recent  edition  of  Japan  Computing.  Second,  the  Apache 
Group,  based  in  the  U.K.,  announced  in  April  that  its  Apache  Unix  Internet  Server 
software  with  very  strong  encryption  now  has  a  29%  market  share. 

There  also  can  be  little  dispute  that  information  encrypted  at  the  40-bit  level  no 
longer provides sufficient protection against even casual hackers using idle computers.
Students with Ecole Polytechnique and at our own MIT have "brute force
cracked"  such  40-bit  encryption.  Indeed,  a  report  released  earlier  this  year  by  seven 
of  the  leading  private  sector  cryptologists  and  computer  scientists  highlighted  the 
vulnerability  of  40-bit  keys  to  commercial  attack. 

For all these reasons, in order to keep U.S. software companies on a level international
playing field and permit computer users to properly protect their electronic
information,  it  is  necessary  to  immediately: 

Permit  the  export  under  a  Department  of  Commerce  general  license  of  soft- 
ware programs  using  the  DES  algorithm  with  56-bit  keys  and  other  algorithms 
(e.g.,  RC2/RC4)  at  comparable  strengths  (with  unlimited  key  lengths  for  key 
management); 

Automatically increase key lengths two bits every three years given the reality
of "Moore's Law" which holds that the computing power for the same costs
doubles every two years (i.e., institute a Cost of Cracking Adjustment or
"COCA");

Broaden existing Licensing for programs using even stronger encryption (e.g.
128-bit encryption for financial applications);

Permit  the  export  of  software  with  "hooks,"  or  Application  Programming 
Interfaces,  enabling  foreign  customers  to  "plug  in"  whatever  encryption  they 
may  obtain  and  use  in  other  countries;  and 

Remove  remaining  export  control  restrictions  on  non-confidentiality  uses  of 
cryptography  (i.e.  key  management,  authorization,  integrity,  signatures),  on  the 
personal use of cryptographic programs abroad by American citizens, and by
U.S.  multinational  corporations. 
This  is  the  minimum  that  needs  to  be  done — and  done  now! 

4.  The  NRC's  CRISIS  Report  Echoes  These  Views 

As  you  know,  a  blue  ribbon  National  Research  Council  (NRC)  Committee  has 
called  for  U.S.  policies  which  foster  the  broad  use  of  encryption  technologies.  The 
Committee's report echoes what industry has been saying for several years regarding
the need for export control relief. Importantly, the Committee concluded that as
demand for products with encryption capabilities grows worldwide, foreign competition
could emerge at levels significant enough to damage the present U.S. world
leadership  in  information  technology  products.  The  Committee  felt  it  was  important 
to  ensure  the  continued  economic  growth  and  leadership  of  key  U.S.  industries  and 
businesses  in  an  increasingly  global  economy,  including  American  computer,  soft- 
ware and  communications  companies.  The  Committee  called  for  an  immediate  and 
easy  exportability  of  products  with  DES  level  encryption.  The  Committee  also  noted 
that  this  would  have  to  be  updated  periodically. 

I  also  want  to  say  just  a  word  about  two  other  critical  conclusions  of  the  NRC's 
CRISIS  report. 

First, the Committee found that wider use of cryptography not only protects personal
privacy and helps American businesses—but it also promotes national security
by  protecting  the  civilian  information  infrastructure  and  promotes  law  enforcement 
by  preventing  economic  crimes.  The  Committee  found  that  on  balance  the  advan- 
tages of  more  widespread  use  of  encryption  outweighed  the  disadvantages. 

Second, the Committee concluded that encryption policies can be discussed and
established  on  an  unclassified  basis.  This  is  critical.  All  too  often  we  in  industry 
have  heard  from  government  that  "if  you  knew  what  I  knew  then  you  would  agree 
with  us  and  you  would  not  be  asking  for  export  control  relief."  Importantly,  13  of 
the  16  members  of  the  NRC's  committee  had  security  clearances  and  received  classi- 
fied briefings.  Yet  they  concluded  that  although  important  for  specific  situations, 
classified  material  is  not  essential  for  understanding  current  cryptography  policy  or 
how  the  technology  should  evolve. 


BSA  STRONGLY  SUPPORTS  PENDING  LEGISLATION  BECAUSE  IT  PROVIDES  NEEDED 
EXPORT  CONTROL  RELIEF 

The  SAFE,  ECPA  and  Pro-CODE  bills  recognize  as  a  fundamental  proposition 
that  the  United  States  should  not  try  to  control  the  export  of  something  that  is,  in 
fact,  uncontrollable.  It  makes  little  sense  for  our  government  to  require  individual 
validated  export  licenses  for  the  export  of  software  that  is  generally  available  by  vir- 
tue of  being  mass  marketed  commercially,  distributed  via  the  Internet,  or  found  in 
the  public  domain.  Nor  should  computer  hardware  be  so  controlled  simply  because 
it  incorporates  such  software.  In  short,  if  it  is  "out  there,"  if  it  is  already  available 
to  millions  of  people  easily  and  readily  transferable  electronically,  then  it  makes  lit- 
tle sense  to  continue  trying  to  control  such  exports. 

Importantly,  the  bills  do  enable  the  Secretary  of  Commerce  to  continue  controls 
in  countries  of  terrorist  concern  or  other  embargoed  countries  pursuant  to  the  Trad- 
ing With  The  Enemy  Act  or  the  International  Emergency  Economic  Powers  Act. 

In  addition,  the  bills  provide  that  if  DES-level  products  have  been  permitted  to 
be  exported  to  foreign  banks,  then  they  should  be  exportable  to  other  foreign  com- 
mercial purchasers  in  that  country.  Note  that  the  type  of  software  and  hardware 
we  are  talking  about  here  is  a  "custom"  product  (if  it  were  generally  available  it 
would qualify for automatic general license treatment under the bill's other provision).
Because it is at least theoretically possible to control such exports, the question
then occurs as to what should be the allowable level of encryption. For the reasons
I explained earlier, nothing less than DES and its equivalents will do.

Once  again,  the  bills  do  contain  safeguards:  the  Secretary  of  Commerce  is  not  re- 
quired to  permit  such  exports  if  there  is  substantial  evidence  that  the  software  will 
be  diverted  or  modified  for  military  or  terrorist  use  or  re-exported  without  requisite 
U.S.  authorization. 

Finally, I do want to note that we believe the sponsors and supporters of the various
bills have made a wise decision in seeking to make explicit what is now implicit
under existing laws—that there is not and should not be any restriction on the domestic
use, choice or sale of strong cryptography. Some argue that it is already law
because  there  is  nothing  to  the  contrary.  That  is  correct — nevertheless  we  believe 
that  it  is  important  and  helpful  to  explicitly  reaffirm  the  rights  of  Americans  in  this 
area. 

KEY  ESCROW  ENCRYPTION  IS  NOT  THE  HOLY  GRAIL 

There  has  been  much  discussion  about  obtaining  access  to  the  keys  with  which 
users  encrypt  information.  For  example,  it  is  certainly  possible  to  envision  compa- 
nies or  organizations  wanting  access  to  the  keys  of  their  employees  so  as  to  be  able 
to  recover  encrypted  information  generated  in  the  course  of  their  work.  Presumably 
someone  within  the  organization,  or  a  third  party  voluntarily  entrusted  by  that  or- 
ganization, would  hold  the  key.  We  call  this  key  recovery  encryption. 

Many  of  our  corporate  customers  have  begun  to  express  interest  in  key  recovery 
systems.  Unlike  government  key  escrow  proposals,  however,  the  commercial  demand 
for  key  recovery  encryption  is  limited  to  stored  data  (including  e-mail,  which  is  store 
and  send).  It  does  not  extend  to  communications. 

Importantly,  to  the  extent  that  such  key  recovery  encryption  products  are  widely 
used, then much information will be available to the government for law enforcement
purposes under appropriate judicial procedures—just like physical property,
including  memoranda,  letters,  and  files,  is  today.  But  users  must  see  the  value  of 
key  recovery  features  and  want  to  use  them.  Whereas  if  the  government  mandates 
key escrow in order to serve export control policies, the likely result is that no one
will  use  products  implementing  these  features  thereby  frustrating  law  enforcement 
objectives.  In  short,  any  key  recovery  system  must  result  from  a  user-driven,  mar- 
ket-led process.  It  cannot  be  a  mandated,  government-designed,  top-down,  one-size- 
fits-all  solution. 

I  would  note  that  for  all  these  reasons,  the  NRC  Committee  recommended  a  policy 
of  "deliberate  exploration"  rather  than  one  of  "aggressive  promotion."  We  couldn't 
agree  more. 

Moreover,  because  it  is  going  to  take  a  long  time  to  achieve  international  agree- 
ments on  the  export,  import  and  use  of  products  that  implement  key  escrow  or  key 
recovery  features,  it  is  essential  that  immediate  export  control  relief  be  granted  for 
non-key  escrow  encryption  products.  As  I  hope  I  have  explained,  we  simply  cannot 
afford  to  wait  any  longer. 


CONCLUSION— THE  WINDOW  OF  OPPORTUNITY  IS  CLOSING  QUICKLY 

In  conclusion,  let  me  say  that  there  appears  to  be  a  fundamental  misunderstand- 
ing among  some  in  government  that  inaction  and  delay  in  updating  export  controls 
works  to  the  government's  advantage.  I  strongly  disagree.  The  world  is  not  standing 
still.  Major  foreign  companies  already  are  offering  triple  DES  hardware  products. 
Several  American  companies  already  have  begun  selling  128-bit  software  products 
in  the  U.S.  Despite  the  advantages  which  would  accrue  to  users  and  vendors  from 
secure  global  interaction  at  56-bits  using  a  single  version  of  a  product,  current  U.S. 
export  controls  have  forced  BSA  member  companies  to  incur  the  additional  costs  of 
developing  and  supporting  two  versions  of  our  products.  And  as  more  and  more  U.S. 
software  vendors  begin  to  offer  128-bit  non-key  escrow  encryption  domestically, 
there  is  no  way  to  see  how  this  would  work  to  law  enforcement's  advantage  in  the 
short  run — or  intelligence  agencies'  benefit  in  the  long  run  as  128-bit  foreign  pro- 
grams become  the  norm. 

The  time  for  action  is  now.  In  order  to  keep  American  vendors  on  a  level  inter- 
national playing  field  and  American  computer  users  adequately  protected  in  the 
near  term,  software  programs  with  encryption  at  DES-level  strengths  must  be  im- 
mediately exportable.  The  legislation  currently  pending  in  Congress  will  do  just 
that — although  the  Administration  could  act  any  time  on  its  own  to  change  its  cur- 
rent policy. 

Thank  you. 

Mr.  GOODLATTE.  Thank  you,  Ms.  Brown. 
Ms.  Katz,  welcome. 

STATEMENT OF ROBERTA R. KATZ, SENIOR VICE PRESIDENT,
GENERAL  COUNSEL  AND  SECRETARY,  NETSCAPE  COMMU- 
NICATIONS CORP. 

Ms.  Katz.  Thank  you,  and  good  morning.  My  name  is  Roberta 
Katz,  and  I  am  the  senior  vice  president,  general  counsel,  and  sec- 
retary of  Netscape  Communications  Corp.  located  in  Mountain 
View,  CA.  I'm  also  here  today  on  behalf  of  the  ITAA  and  the  SPA, 
whose  memberships  include  thousands  of  companies. 

I  want  to  thank  you  very  much  for  the  privilege  of  testifying  on 
this  issue,  which  we  believe  is  of  utmost  importance  for  the  country 
as  a  whole.  This  issue  is  at  the  heart  of  the  movement  of  American 
commerce  and  communications  to  the  Internet.  I  also  want  to  state 
unequivocally that we are sympathetic to the concerns of law enforcement
and national security. In my former role as general counsel
of McCaw Cellular, I participated with the Government in several
investigations, and we do understand the importance of these
national  security  and  law  enforcement  issues. 

Let  me  begin  by  stating  that  we  are  in  the  midst  of  a  major 
transformation  in  how  we  communicate  in  this  country  and  glob- 
ally. On  the  plane  on  my  way  here,  I  was  struck  by  the  fact  that 
virtually  every  magazine  and  every  newspaper  that  I  looked  at  had 
not  just  one,  but  a  variety  of  articles  about  the  influence  of  the 
Internet  in  our  daily  lives.  The  fact  is  that  Americans  are  shifting 
their  day-to-day  endeavors  to  the  Internet,  and  the  kinds  of  issues 
that  I  looked  at  in  the  newspaper  included  inner-city  and  rural 
children  getting  access  to  broad  new  worlds  through  the  Internet 
from  their  libraries  and  their  schools.  I  read  about  MBA  programs 
that  are  now  being  offered  online.  I  read  about  the  new  phenome- 
non of  people  using  the  Internet  to  look  for  jobs,  and  I  read  dozens 
of  articles  about  businesses  that  are  changing,  absolutely,  how  they 
do  commerce — how  they  buy  goods  and  how  they  sell  their  own 
goods—because of the existence of the Internet and the smaller
"Intranets"  that  connect  into  the  Internet. 


This  phenomenon  has  come  on  us  with  great  speed  and  great 
force,  in  large  part  because  the  Internet  addresses  some  very  basic 
needs  that  we  have  in  how  we  communicate.  This  new  medium  cre- 
ates tremendous  savings  in  time  and  money.  As  a  result,  on  a  daily 
basis  we're  seeing  our  economy  move  to  this  new  medium.  In  other 
words,  we  can't  turn  back.  And  that  is  precisely  why  this 
encryption  issue  is  so  important  to  the  country.  It's  for  our  collec- 
tive future. 

We  Americans  are  accustomed  to  privacy  in  our  communications. 
We  don't  like  giving  out  our  credit  card  numbers  or  our  trade  se- 
crets or  our  Social  Security  numbers  to  the  world-at-large,  and  as 
more  and  more  of  our  private  business  is  transferred  to  the 
Internet,  we  will  also  expect  to  find  privacy  and  security  there.  The 
way  we  find  it  is  through  encryption.  Right  now,  that's  the  only 
way  we  find  privacy  and  security  on  the  Net.  And  I'd  like  to  just 
mention — and  I  think  you  know — that  encryption  is  nothing  more 
than  a  string  of  numbers  that  surround,  and  protect,  the  private 
communication.  That's  the  whole  issue  here.  We  sometimes  talk  in 
these  highly  technical  terms,  but  we're  really  just  talking  about 
this  bundle  of  numbers  around  a  private  communication.  The 
whole  issue  with  the  key  is  that  the  key  is  what  "unlocks"  the  bun- 
dle of  numbers  to  reveal  the  private  communication  underneath. 

I  want  to  talk  very  briefly  about  why  we  at  Netscape  are  so  wor- 
ried about  the  current  state  of  the  law  and  about  the  administra- 
tion's proposals  for  change.  First,  the  current  worldwide  standard 
for  strong  encryption  is  128-bit  code.  Americans  are  no  longer  the 
only  producers  of  128-bit  encryption;  we've  talked  about  that  this 
morning.  There  are  a  growing  number  of  companies  throughout  the 
world  which  are  now  producing  strong  encryption.  The  more  the 
Internet  is  used,  the  greater  will  be  the  demand  for  the  strong 
encryption. 

The  last  2  years  have  demonstrated  phenomenal  growth  in  our 
awareness  of  the  Internet  and  our  use  of  the  Internet  for  simple 
things,  like  surfing.  But  more  and  more  we're  seeing  commerce  and 
other  economically  important  communications  move  to  the  Net,  and 
with  that  move,  the  awareness  of  privacy  concerns  and  the  need  for 
encryption are growing. So, we see that this new focus on
encryption, and by that we mean strong encryption, is coming with
great  speed  and  great  force.  If  American  companies  can't  meet  this 
growing  worldwide  demand  for  strong  encryption  because  of  our  ex- 
port laws,  foreign  companies  will  certainly  step  in  to  fill  the  void. 
When  they  do,  America  will  lose  its  leadership  in  this  very  vital 
arena. 

If  America  does  lose  this  leadership,  America's  law  enforcement 
and  national  security  interests  will  be  further  compromised.  While 
today  American  law  enforcement  can  and  actually  does  consult 
with  American  companies  as  the  leaders  in  encryption  technology, 
they  will  not  be  able  to  do  this  if,  in  fact,  leadership  in  this  area 
passes  to  foreign  companies.  We  must  keep  in  mind  that  the 
Internet  is  a  global  medium  designed  to  facilitate  cross-country 
communication. Surely, it is in America's interest for American
companies to remain the encryption leaders, and this can only happen
if American companies can meet the demand of the global marketplace.
In other words, we must be able to export that which we
can  already  provide  customers  within  our  domestic  borders. 

Even  U.S.  companies  with  foreign  offices  want  strong  encryption 
for  all  of  their  offices,  so  if  they  can  get  from  an  American  company 
encryption that only meets their needs in New York, Chicago, and
Los  Angeles,  but  does  not  meet  their  needs  in  Madrid  and  Tokyo, 
they  will  turn  to  a  foreign  company  which  can  meet  the  entire 
package  of  needs. 

And  that  brings  me  to  my  third  point.  Our  export  controls  actu- 
ally make  our  national  information  insecure.  We  talked  this  morn- 
ing about  the  fact  that  40-bit  code  can  be  readily  cracked,  and  as 
already  noted  the  worldwide  perception  is  that  only  strong 
encryption  is  secure  today,  and  the  definition  of  strong  encryption 
will  change  rapidly  with  every  new  technological  advance.  If  Amer- 
ican companies  can't  use  strong  encryption  throughout  their  global 
operations,  we  leave  ourselves  all  the  more  open  to  industrial  espi- 
onage and  cyberterrorism.  And  as  was  just  pointed  out,  this  was 
absolutely  confirmed  by  the  NRC  report. 

Finally,  let  me  address  our  concerns  about  linking  export  permis- 
sions with  the  requirement  that  the  user  of  strong  encryption  es- 
crow private  keys.  We  do  view  this  as  mandatory,  that  link  be- 
tween export  permissions  and  the  requirement  of  implementing 
some  kind  of  key  recovery.  Sadly,  we  do  not  believe  a  satisfactory 
mandatory  key  escrow  system  can  be  built  to  meet  the  concerns  of 
law  enforcement  and  national  security.  The  Internet  is  global  in 
scope,  touching  the  citizens  of  virtually  every  country  in  the  world, 
not  just  the  OECD  countries.  It  encompasses  literally  millions  of 
communications  each  hour.  One  can  hardly  fathom,  let  alone  build, 
a  bureaucracy  that  would  be  sufficient  to  capture  the  millions  and 
millions  of  keys  that  are  likely  to  be  generated  every  day  through- 
out the  world  as  the  need  for  privacy  and  security  on  the  Net  be- 
comes more  evident. 

Moreover,  other  pragmatic  questions  arise.  Will  a  Japanese  com- 
pany want  to  escrow  keys  with  the  United  States  Government  or 
its  agent?  Will  a  United  States  company  worried  about  industrial 
espionage  be  willing  to  escrow  keys  with  the  French  Government 
or  its  agents,  and,  again,  I  want  to  point  out  that  we're  talking  ex- 
port here,  so  if,  in  fact,  the  issue  is  foreign  usage,  then  the  escrow 
has  to  allow  a  foreign  government  to  get  to  the  keys. 

Finally,  as  recently  noted  by  the  Internet  Architecture  Board, 
even  with  mandatory  key  escrow  there  are  technological  ways  to 
circumvent  the  escrow,  and  criminals  will  have  no  compunction 
about  using  these  avoidance  technologies.  This  is  not  to  say  that 
we  don't  support  voluntary  key  escrow;  we  do.  Voluntary  key  es- 
crow means  users  of  strong  encryption  will  have  the  choice  and  not 
the  requirement  to  escrow  their  keys,  and  we  do  believe  that  over 
time  more  and  more  companies  will  choose  to  escrow  keys.  But  that 
is  very  different  from  a  mandatory  requirement  associated  with 
permission  to  export. 

For  us  right  now,  this  issue  is  about  lost  sales,  but  I  submit  to 
you  that  the  stakes  are  far  greater.  America  stands  to  lose  much 
unless  we  take  a  more  realistic  approach  to  export  controls.  In  this 
regard, it is not a matter of industry versus the Government; rather,
we believe, we are all in this together. If we in industry are correct
about where the Internet and the market for strong encryption
are  going,  then  we  all  will  lose  much  if  we  do  not  substantially  re- 
vise our  export  controls  as  quickly  as  possible.  H.R.  3011  recognizes 
this  problem  and  provides  a  good  solution  to  it.  We  support  it. 

Thank  you  very  much. 

[The  prepared  statement  of  Ms.  Katz  follows:] 

Prepared  Statement  of  Roberta  R.  Katz,  Senior  Vice  President,  General 
Counsel  and  Secretary,  Netscape  Communications  Corp. 

I. INTRODUCTION

Good  morning  and  thank  you,  Mr.  Chairman.  My  name  is  Roberta  Katz  and  I  am 
the  Senior  Vice  President,  General  Counsel,  and  Secretary  of  Netscape  Communica- 
tions Corporation  of  Mountain  View,  California.  I  am  also  here  on  behalf  of  two 
trade  organizations,  the  Information  Technology  Association  of  America  ("ITAA") 
and  the  Software  Publishers  Association  ("SPA"),  whose  collective  memberships  rep- 
resent thousands  of  companies  worldwide.  Mr.  Chairman,  I  want  to  thank  you  for 
the  privilege  of  testifying  on  this  important  issue.  It  is  a  pleasure  to  be  here. 
Netscape  enthusiastically  supports  H.R.  3011.  We  want  to  work  with  all  members 
of  the  Committee  so  that  together  we  can  reform  outdated  export  controls  on 
encryption. 

Mr.  Chairman,  I'd  like  to  start  by  talking  about  the  history  of  export  controls  on 
encryption and bring some context to today's urgent need for change to a Cold War
era  policy.  Export  controls  are  being  used  inappropriately  to  drive  domestic 
consumer  behavior,  industrial  planning  and  investment,  and  the  information  econ- 
omy. 

II. THE INTERNET CHANGES EVERYTHING: NEW PRODUCTS AND NEW USES FOR ENCRYPTION

For  many  years,  encryption  policy  was  set  as  quietly  as  possible  by  the  National 
Security  Agency  ("NSA").  Elected  and  politically  appointed  officials  in  Washington 
scarcely knew there was an encryption policy, let alone what it was. Occasionally,
issues relating to encryption would surface briefly. These hearings and this year's
heightened  discussion  mark  a  sea  change  in  encryption  policymaking — that  it  is  oc- 
curring out  in  the  open,  in  public,  and  is  being  widely  discussed  and  debated. 

This  democratization  of  the  issue  reflects  important  social  changes  in  the  use  of 
encryption.  In  a  short  time,  encryption  has  come  a  very  long  way  from  being  chiefly 
a tool for preserving secrecy of diplomatic and military communications to being an
integral  part  of  contemporary  computer  communications.  These  social  changes  are 
largely  the  result  of  the  advent  of  the  Internet  transforming  computers  and  other 
devices  into  global  communications  tools  for  all  individuals.  As  more  and  more  peo- 
ple access  the  Internet  and  appreciate  its  possibilities  and  riches,  this  debate  be- 
comes a  proper  subject  for  public  discussion  and  should  be  shaped  significantly  by 
the needs of individual Americans and American jobs, rather than simply by traditional
national security and law enforcement interests.

Soon,  100  million  people  will  be  connected  to  each  other  over  the  Internet.  Be- 
cause interconnected  computers  and  networks  are  an  important  new  reality,  it  is 
imperative  that  we  assess — now — the  security  of  the  data  flowing  over  those  net- 
works. That's  what  this  debate  is  all  about.  Some  members  have  suggested,  and  per- 
haps even  still  hope,  that  encryption  should  remain  an  esoteric  issue  well  below  the 
Congressional  radar  screen.  We  respectfully  suggest  that  those  days  are  over.  This 
issue  has  profound  consequences,  and  must  be  addressed  by  Congress. 

The  last  twenty  years  of  encryption  policy  seems  like  centuries  when  compared 
to  the  hyper-speed  at  which  the  Internet  industry  has  emerged  and  grown.  Marc 
Andreessen  created  Mosaic,  the  first  Internet  browser,  just  three  years  ago,  while 
a  college  student  in  Illinois.  It  gave  the  average  computer  user  the  ability  to  access 
with  point  and  click  simplicity  a  sprawling  collection  of  computer  networks  around 
the  world  that  is  now  famous  and  known  as  the  Internet.  Jim  Clark,  founder  of  Sili- 
con Graphics,  teamed  up  with  Andreessen  in  1994  to  form  what  became  Netscape 
Communications  Corporation.  Since  I  joined  Netscape  in  May  of  1995,  the  company 
has  grown  from  150  employees  to  nearly  1500.  We  have  offices  in  over  15  countries. 
We  are  the  fastest  growing  software  company  in  history. 

I know from my friend Rep. Rick White (R-WA) that many of you have office e-mail
systems and web sites. So it may not surprise you that many businesses are
eager  to  do  commerce  on  the  World  Wide  Web,  reaching  consumers  around  the 
world. But what you may not know is that without strong encryption, electronic
commerce  on  the  web  cannot  flourish.  For  example,  Omaha  Steaks  sells  its  products 
on  the  web,  but  will  not  sell  to  customers  without  a  128  bit  SSL  Internet  commu- 
nications link.  (For  more  on  SSL,  see  p.  14  below).  Because  of  the  risk  of  computer 
hackers  and  other  criminals  intercepting  their  electronic  communications,  compa- 
nies face  real  risks  in  taking  advantage  of  electronic  commerce  without  the  security 
afforded by strong encryption. Internet users are likewise reluctant to use their
credit  cards  or  engage  in  other  commercial  transactions  over  the  Internet  unless  128 
bit  encryption  is  in  place.  Without  strong  encryption,  electronic  commerce  cannot 
advance  beyond  where  it  is  today — a  nascent  industry  with  less  than  approximately 
$500  million  in  total  sales. 

I'd  like  to  give  you  some  other  examples  of  networked  computing  that  our  cus- 
tomers want,  and  that  require  strong  encryption.  Corporate  "Intranets"  are  private 
networks  built  on  Internet-based  technology.  They  permit  rapid,  company-wide  ac- 
cess to  information.  Through  an  Intranet,  enterprises  can  run  all  of  their  informa- 
tion and  communication  needs  seamlessly  across  borders,  through  departments, 
from  the  bottom  up.  Instead  of  wondering  who  the  appropriate  person  to  contact  is 
and  having  to  call  a  dozen  people,  custom  directories,  catalogs,  search  engines,  li- 
braries, newsgroups,  personal  pages,  all  internally  hyperlinked  and  indexed,  collec- 
tively exploit  the  intellectual  resources  of  the  company  and  make  them  easily  avail- 
able to  all.  The  Intranet  is  the  ultimate  team  building  tool.  But  information  on  the 
Intranet must not be accessible to outsiders seeking to steal trade secrets.

Another  example  is  groupware  that  allows  team  collaboration  on  projects.  In  the 
world  of  networked  computing,  groupware  allows  engineers  all  over  the  world  to 
work  together.  A  team  of  engineers  in  Chicago  can  complete  their  shift,  then  a  crew 
of  engineers  in  Kuala  Lumpur  can  work  the  next  shift  without  any  time  lag.  They 
might  be  working  on  the  next  supersonic  airplane  design,  the  next  car,  or  the  next 
suspension  bridge.  But  the  information  transmitted  between  multiple  sites  must  be 
secure.  Companies  are  especially  sensitive  to  the  ability  of  dedicated  computer  hack- 
ers and  foreign  intelligence  agencies  to  gain  access  to  this  information.  They  need 
to protect that information, and they will find encryption products—whether produced
by U.S. companies or our foreign competitors—that offer them security. Have
international  espionage  agents  penetrated  those  networks  and  stolen  the  fruits  of 
billions of dollars of research, development, and design work? The answer is undeniably
yes. It is our job to provide solutions to this problem, and strong encryption
is  the  best  solution  to  this  growing  problem. 

Secure,  networked  computing  offers  enormous  potential  benefits  to  America's  in- 
formation economy.  Small  companies  have  the  chance  to  market  themselves  and  sell 
products  as  a  global  company  to  customers  that  come  to  their  home  page.  Large 
companies  can  better  manage  their  far-flung  operations  and  offices  that  are  scat- 
tered around  the  world. 

Similarly,  the  Internet  lowers  barriers  to  entry  for  individuals.  For  example,  high 
school  students  in  depressed  urban  areas  or  isolated  rural  areas  can  obtain  access 
to  the  best  libraries  in  the  world  easily  and  without  having  to  make  an  expensive, 
long  or  difficult  trip. 

It  is  important  to  understand  that  the  growth  of  the  Internet  is  a  global  phenome- 
non. Societies  around  the  world  recognize  the  value  of  the  Internet,  are  seizing  its 
potential,  and  are  driving  its  growth  in  their  own  countries  and  in  this  country.  Al- 
though the  Internet  may  have  started  in  this  country,  we  are  wise  to  take  note  that 
the  majority  of  its  growth  is  occurring  outside  the  U.S. 

III.  ENCRYPTION  HELPS  LAW  ENFORCEMENT  AND  NATIONAL  SECURITY 

On  balance,  encryption  advances,  rather  than  detracts  from  law  enforcement  and 
national  security  interests  because:  (1)  encryption  prevents  economic  crimes,  includ- 
ing corporate  espionage;  (2)  encryption  helps  to  prevent  "cyber  terrorist"  attacks  on 
our critical civilian infrastructure, and (3) U.S. leadership in encryption applications
ensures  that  U.S.  technology,  rather  than  foreign  technology,  is  the  world  standard. 

In the Defense Authorization Bill of 1994, Congress directed the National Academy
of Sciences to study and report on the advisability of reforming export controls
on  encryption.  That  study  was  released  May  31,  1996  by  the  National  Research 
Council  and  has  become  known  as  the  "NRC  report."  This  study  reflects  some  of  the 
new  realities  of  the  Internet  and  the  world  of  networked  computing.  Critically,  the 
NRC  study  reported  that  the  use  of  cryptography  can  help  law  enforcement  and  na- 
tional security. 

In many policy discussions widespread use of strong cryptography is presented as
a threat to law enforcement and national security interests. Perhaps the most important
insight that comes from the NRC's report is its conclusion that wide availability
of encryption in fact promotes national security. The report explains that "export
controls have a number of potentially negative effects on national security that
policy  makers  must  weigh  against  the  positive  effects  of  reducing  the  use  of  cryptog- 
raphy by  hostile  parties."  (NRC  Report,  Cryptography's  Role  in  Securing  the  Infor- 
mation Society,  May  30,  1996,  at  4-25.) 

Computer  fraud  and  computer-related  crime  rank  high  among  law  enforcement 
concerns.  Wide  deployment  of  strong  cryptography  would  provide  substantial  and  ef- 
fective defenses  against  those  hostile  intelligence  and  criminal  forces.  Indeed,  if  all 
commercial  text  and  voice  communications  were  encrypted,  at  least  when  they 
passed  over  publicly-accessible  communications  links,  we  would  significantly  reduce 
the  risk  of  compromise  of  commercial  and  other  information.  We  have  often  been 
told by the F.B.I. that foreign governments have shifted much of their intelligence
focus to the business sector. Hostile intelligence efforts to pry secrets from corporate
America are a genuine national security threat. Indeed, the F.B.I. strongly supported
the Economic Espionage Act which passed both Houses this Congress. Yet the key
escrow proposal advanced by the Bureau, the N.S.A., and others appears to offer the
very same foreign governments we fear are spying upon us ex parte access to the
corporate communications and trade secrets of U.S. companies.

If the present impasse between the policies proposed by law enforcement and by
industry continues, the GII will not be secure and will be ripe for exploitation by malicious
forces. Hearings organized this summer by Senator Sam Nunn (D-GA) before
the  Senate  Governmental  Affairs  Committee's  Subcommittee  on  Investigations  re- 
vealed that  government  computer  systems,  including  the  Pentagon's,  have  been  re- 
peatedly penetrated.  Our  power  grid,  gas  and  oil  pipelines,  and  stock  exchanges  are 
among  potential  civilian  targets.  In  these  hearings,  computer  security  expert  Peter 
Neumann  testified  that  "[g]ood  cryptography  that  is  properly  embedded  within  the 
infrastructure  is  absolutely  essential"  for  both  national  security  and  economic  com- 
petitiveness. 

Finally,  relaxing  controls  of  encryption  to  law-abiding  foreign  purchasers  would 
permit  U.S.  firms  to  continue  to  lead  the  world  marketplace,  rather  than  losing  con- 
trol to  foreign  competitors.  Because  of  the  significance  of  encryption  applications  in 
the  information  economy,  this  is  an  important  element  of  national  economic  secu- 
rity. But  it  is  also  of  benefit  to  agencies  like  the  N.S.A.,  which  agree  that  U.S.  lead- 
ership in  encryption  standards  advances  other  elements  of  national  security  as  well. 

Paradoxically,  however,  current  U.S.  encryption  policy  undermines  all  three  goals, 
and  produces  unintended  consequences  diametrically  opposed  to  the  intent  of  cur- 
rent policy.  So  in  our  view,  the  core  assumptions  of  export  controls  on  encryption 
are  flawed.  Marketplace  solutions  are  more  attractive  to  consumers  and  better  serve 
long  term  law  enforcement  and  national  security  interests  than  having  government- 
set  standards  whose  purpose  is  to  afford  governments  ex  parte  access  to  communica- 
tions. 

Many  in  Congress,  including  members  of  the  Committee,  to  whom  I  express  my 
particular  appreciation,  recognize  these  flaws  and  support  major  reform  of  existing 
encryption policy. They agree that strong encryption is out there and growing in
prominence  as  U.S.  export  controls  grant  non-US  firms  a  critical,  artificial  advan- 
tage in  the  global  marketplace.  Nonetheless,  there  are  some  who  are  hesitant  to  act 
because  they  have  heard  encryption  linked  with  terrorism  by  opponents  of  reform. 

I  believe  it  is  both  illogical  and  unfair  to  make  that  connection.  Terrorists  will  ob- 
tain strong,  non-escrowed  encryption  regardless  of  our  export  control  policy,  and 
plans  for  a  key  escrow  infrastructure  will  not  change  this.  The  Administration  have 
acknowledged  freely — for  example,  at  briefings  held  at  the  National  Institute  of 
Standards  and  Technology  within  the  last  year — that  drug  cartels,  enemy  states  and 
terrorist  cells  will  not  use  escrowed  encryption,  and  instead  will  obtain  unescrowed 
encryption  from  other  sources.  They  are  right:  these  entities  will  not  use  key  escrow. 
Even  if  the  Administration's  plan  prevailed,  they  could  "super-encrypt"  their  mate- 
rial over  an  escrowed  system,  making  it  indecipherable.  (See  p.  19  below)  A  third- 
party  escrow  encryption  infrastructure  would  do  little  to  aid  in  investigating  such 
activity. 

To  this,  many  in  the  Administration  respond  that  terrorists  and  other  criminals 
will  communicate  with  commercial  enterprises  such  as  banks  and  that  obtaining 
these  communications  will  be  helpful  for  investigations.  This  access  is  likely  to  be 
of  far  more  limited  value  in  the  context  of  computer  communications  than  the  access 
that  a  telephone  wiretap  affords  the  government  to  a  suspect's  telephone  commu- 
nications. But  what  is  more,  providing  law  enforcement  access  to  such  communica- 
tions may  not  require  the  intervention  of  U.S.  export  controls.  Consumers  from 
other  countries  are  highly  unlikely  to  buy  a  product  that  they  know  is  exportable 
solely  because  its  keys  are  readily  accessible  by  a  U.S.  Government  agent.  Yet,  for 
reasons  discussed  more  fully  in  the  conclusion  of  my  testimony,  banks  and  other 
large users of computer communications technologies will likely choose voluntarily
to keep an extra encryption key for purposes of data recovery. But they will want
to  decide  on  their  own  where  to  escrow  the  keys  to  enormously  valuable  information 
(in-house  or  somewhere  else),  rather  than  giving  the  key  to  a  government-approved 
agent. 

We  all  need  to  work  with  law  enforcement  and  the  intelligence  agencies  to  better 
respond  to  these  threats.  But  while  Netscape  supports  development  of  an  infrastruc- 
ture of  voluntary  key  recovery,  we  simply  do  not  see  relaxing  controls  on  exports 
of  encryption  to  friendly  countries  as  in  any  way  increasing  the  threat  of  terrorism, 
drug trafficking or other illegal activity. There will be demand for self-escrow services
and supporting products and tools, and law enforcement officials will be able
to  subpoena  these  keys.  However,  with  the  marketplace  being  chilled  and  damaged 
by  U.S.  export  controls,  this  natural  demand  for  devices  that  allow  emergency  access 
or  recovery  at  the  choice  of  the  individual  user  is  quashed. 

IV.  SECURITY  STRENGTH  IS  THE  BASIS  FOR  PURCHASING  DECISIONS 

Netscape  can  sell  128  bit  key  length  encrypted  products  in  the  U.S.  and  Canada. 
So  can  any  other  company  or  individual,  foreign  or  domestic.  But  while  our  foreign 
competitors  can  compete  with  us  freely  in  the  U.S.,  they  can  sell  their  128  bit 
encryption  in  most  any  market,  whereas  we  cannot.  They  know  this  and  they  use 
it  to  their  advantage.  At  present,  U.S.  export  laws  only  permit  ready  export  of  prod- 
ucts of  no  more  than  40  bit  keys  for  all  but  a  narrow  category  of  products  for  finan- 
cial transactions. 

U.S.  export  restrictions  on  encryption  impede  American  competitiveness  in  the 
high-wage information economy. When I use the term "information economy," I don't
mean  only  the  software  and  hardware  industries,  where  current  policy  costs  job 
growth  and  revenue.  I  also  mean  the  businesses  of  manufacturers  of  U.S.  export 
products,  who  cannot  take  advantage  of  electronic  commerce,  home  banking,  health 
care  networking  and  Intranets  to  do  business  in  foreign  markets  because  they  can- 
not establish  secure  communications  links  overseas.  And  I  mean  our  prospective 
customers,  whose  valuable  and  private  information  is  at  risk  from  corporate  espio- 
nage, hacking  and  other  crimes.  These  losses,  which  a  survey  by  the  Senate  Perma- 
nent Investigations  Subcommittee  estimated  at  $800  million  last  year,  represent  not 
just  more  lost  business  and  employment  opportunities,  but  damage  to  key  sectors 
of  our  civilian  infrastructure. 

Customers  abroad  recognize  the  importance  of  encryption  in  the  information  econ- 
omy. As  Netscape  has  learned  first-hand,  foreign  customers  want  the  same  level  of 
encryption  strength  that  U.S.-based  firms  use:  128  bit,  or  more.  In  addition,  U.S. 
firms  with  officers,  vendors  and  customers  overseas  want  to  have  the  same  level  of 
security  across  their  entire  network.  They  can't  have  their  U.S.  executives  commu- 
nicating in  a  secure  manner  using  128  bit  encryption  between  two  U.S.  locations, 
then  have  to  build  a  separate  network  to  communicate  between  their  home  office 
in  the  U.S.  and  their  overseas  offices  in  which  only  vulnerable  40  bit  encryption  is 
used. 

This  means  lost  sales  and  lost  job  growth  for  U.S.  companies.  For  example,  be- 
cause Netscape  cannot  sell  128  bit  encryption  products  abroad  we  are  losing  cus- 
tomers and  multimillion  dollar  deals  in  Germany,  the  U.K.,  France,  Switzerland, 
and  Japan.  Companies  are  understandably  reluctant  to  talk  about  lost  sales,  but  I'll 
give  you  a  specific  example  from  our  own  experience.  Deutsche  Telekom,  a  large, 
corporate  customer  in  Germany  wanted  to  use  Netscape's  128  bit  key  software  to 
run  a  national  health  care  information  network.  Each  user  would  have  a  smart  card 
carrying  a  chip  containing  their  complete  medical  records  and  health  care  informa- 
tion in  encrypted  format.  The  patient  could  go  from  doctor,  to  employer,  to  govern- 
ment agency  for  treatment,  benefits,  and  other  assistance  without  having  to  keep 
track of paper, forms, and files. Because this network would have used encryption,
the patient's information would have remained private. Privacy laws are extremely
important in countries like Germany, and are much more stringent than here in the
U.S. German customers and users not only want a secure system, they are required
to  implement  and  use  one  under  the  law. 

This  lost  deal  not  only  hurts  one  software  company.  I  am  sure  our  competitors 
also  bid  on  this  deal  or  at  least  considered  doing  so.  In  addition  and  less  readily 
apparent,  there  are  secondary  losses  to  U.S.  citizens  and  the  U.S.  economy.  It  is 
worth  noting  that  telemedicine  networks  like  this  one  are  critical  for  U.S.  citizens 
in  rural  areas  if  they  are  to  get  the  same  level  of  health  care  that  citizens  in  urban 
areas  enjoy.  Transferring  private  medical  records  via  overnight  delivery  or  by  fax 
can  be  too  slow,  and  faxed  records  can  be  illegible.  The  forms  are  often  different 
and  information  has  to  be  retyped,  a  wasteful  and  error-prone  process  that  adds 
risk, time and expense. Digital transmission via the Internet would be direct, fast,
private and secure. Encryption could save time, cut through logistical difficulties,
and  on  occasion  help  save  a  life. 

Unfortunately  for  Netscape,  because  of  U.S.  export  controls,  Germany  will  build 
its  telemedicine  network  by  having  a  German  company  build  the  software  from 
scratch.  This  not  only  means  a  loss  of  a  sale  for  Netscape.  It  also  means  that  a  new 
competitor  has  been  created  where  one  did  not  exist  before,  setting  standards  and 
establishing  itself  as  a  technology  leader.  Some  firms  are  making  millions  of  dollars 
providing  re-encryption  mechanisms  based  on  SSL  or  Java  applets.  One  such  firm 
is  Brokat  in  Germany.  They  got  their  start  in  large  part  due  to  our  inability  to  pro- 
vide Deutsche  Bank  with  the  desired  level  of  security.  Brokat  is  now  reencrypting 
Netscape's  40  bit  SSL  product  with  Java  applets  with  stronger  levels  of  encryption. 
Some  customers  used  to  have  the  patience  to  see  if  a  U.S.  firm  could  move  a  one- 
off  license  through  the  export  control  requirements.  Today,  they  do  not  have  to  put 
up  with  the  wait,  expense,  conditions,  and  uncertainty.  They  can  go  to  companies 
like  Brokat  and  get  the  products  and  solutions  they  want  straight  away. 

Security  is  a  feature  that  drives  the  market.  Just  as  U.S.  consumers  bought  fuel- 
efficient  cars  from  Japan  during  the  energy  crisis  of  the  1970s,  consumers  are  turn- 
ing to  security  proficient  software  products  from  non-U.S.  firms  during  the  Internet 
explosion  of  the  1990s.  Perception  matters — like  it  or  not.  A  customer  will  buy  a  128 
bit  product  assuming  that  it  is  stronger  than  40  bits.  Bit  length  is  one  of  many  im- 
portant factors  in  determining  the  integrity  of  a  product  and  its  security  methodol- 
ogy. However,  the  average  user  of  computers  today  does  not  want  to  bother  with 
the  subtler  details  of  how  one  cryptography  scheme  is  tighter  than  another. 

What  is  the  bottom  dollar?  Recent  sales  forecasts  indicate  that  for  Europe  alone, 
we are on track to lose at least $40 million in sales this year for non-mass market
products  (security  deals  for  banks,  payment  mechanisms  for  consumer  electronic 
commerce,  and  Intranet  systems  for  corporations),  due  to  U.S.  export  controls.  It's 
clear  to  us  that  unless  something  changes,  we  may  risk  losing  over  a  billion  dollars 
in  sales  by  the  year  2000.  And  that's  just  for  our  company  alone.  Please  bear  in 
mind  that  such  market  loss  data  will  include  losses  on  deals  with  customers  based 
in the U.S. who wish to use strong encryption outside the U.S. Since they would
face similar licensing difficulties or barriers, they will begin to import the solutions
they  need. 

The  most  fundamental  point  to  understand  about  foreign  availability  is  that  the 
U.S. does not have a monopoly on the world's cryptographers. Hundreds of people
all  over  the  world  have  the  ability  to  create  the  mathematical  algorithms  that  un- 
derlie encryption.  Many  are  in  Europe,  Israel,  Russia,  China,  South  Africa,  The 
Netherlands,  Germany,  the  U.K.,  and  Japan.  Cryptographers  working  in  those  na- 
tions can  create  the  code  to  meet  the  demand  that  U.S.  firms  are  denied  from  meet- 
ing. 

Thawte  Consulting,  Inc.,  of  South  Africa,  for  example,  produces  Internet  software 
called  Sioux  (based  on  SSL  open  standards),  and  offers  the  same  encryption 
strength  as  our  domestic  product — 128  bits.  Thawte  Consulting  targets  corporate 
customers, the high end of the communications software market, selling server software,
which yields the highest profits. Thawte Consulting distributes its Sioux software
to the world via the Internet at extremely low cost. Also, because they distribute
their product on the Internet, bugs in their product are fixed after being identified
by beta testers — the same type of interested users that help American companies
improve their products.

Thawte  even  uses  U.S.  export  control  laws  as  an  explicit  part  of  its  marketing 
strategy,  playing  off  concerns  about  the  inadequacy  of  U.S.  export  quality 
encryption,  advertising  on  the  Web  that: 

Sioux  offers  full  128  bit  encryption  around  the  world,  unencumbered  by 
US  ITAR  regulations.  .  .  .  The  US  ITAR  regulations  prohibit  the  export 
of strong encryption technology from North America. This means that companies
such as Netscape, Microsoft and Open Market have to ship "Export
Versions" of their software which have limited encryption capability — using
40  bit  keys  which  can  be  trivially  deciphered.  Since  Sioux  was  developed 
outside  of  the  ITAR  framework  it  ships  with  full  encryption  enabled  all  over 
the  world.  Why  limit  your  security? 

http://www.thawte.com/products/sioux/about.html. The threat from Sioux is in no
way  hypothetical.  It  functions  as  an  add-on  to  Apache  server  software  (an  American- 
based  free-ware  product),  which  in  the  first  quarter  of  this  year  achieved  greater 
market  share  than  Netscape,  Microsoft,  Oracle  and  Open  Market  combined.  Just  as 
Netscape  burst  quickly  onto  the  scene,  so  can  companies  like  Sioux.  Other  competi- 
tors will  not  be  far  behind. 



We  have  all  seen  what  can  happen  when  the  Japanese  government,  in  partner- 
ship with  industry,  decides  to  pursue  strategic  markets.  They  are  now  targeting  the 
Internet and cryptography. If Japanese government and industry may have been a
bit  slow  to  recognize  the  phenomenon  of  network-centric  computing,  they  are  devot- 
ing plenty  of  attention  to  it  today.  The  Japanese  government  is  spending  more  than 
$200  million  directly  on  research  and  development  in  cryptography  through  the 
Ministry  of  International  Trade  and  Industry  (MITI)  and  the  Ministry  of  Posts  and 
Telecommunications  (MPT).  Japanese  companies  will  doubtless  be  tough  competitors 
in  the  world  marketplace,  and  unless  export  control  laws  are  reformed,  they  will  re- 
ceive a  critical  advantage  over  their  U.S.  competitors. 

As  an  exporter,  I  stress  that  the  very  existence  of  U.S.  export  control  bit  key  lim- 
its creates  a  serious  customer  perception  problem  abroad.  Customers  are  aware  that 
U.S.  export  controls  block  export  of  strong  encryption.  As  you  can  see  from  the  Sioux 
web  site,  our  foreign  competitors  are  even  beginning  to  advertise  on  this  basis.  Until 
U.S.  export  control  laws  are  relaxed,  our  potential  foreign  customers  will  be  sus- 
picious of  an  important  feature  of  our  product. 

Finally,  I  want  to  stress  that  export  controls  pose  a  very  real  short-term  danger 
to  American  competitiveness  and  leadership  in  computer  hardware  and  software. 
Without  immediate  relief  overseas,  competitors  will  gain  substantial  footholds  in 
valuable  and  strategically  important  markets  in  industrialized  countries.  Once  these 
footholds  are  established,  foreign  technical  standards  will  drive  the  rules  of  the  mar- 
ketplace. 

V.  WHY  MANDATORY  KEY  ESCROW  WILL  NOT  WORK 

A.  What  Is  "Mandatory"  Key  Escrow? 

H.R. 3011 has it right. Our export control laws should not restrict exports of generally
available strong encryption products to friendly countries because the products
do not implement third-party key escrow. This form of key escrow is mandatory —
mandatory on U.S. producers, who are forced to produce third-party key escrow
products in order to be able to export robust encryption, and mandatory on
foreign  customers,  who  must  place  a  copy  of  the  encryption  key  with  a  government- 
approved  third  party  agent  in  order  to  buy  products  with  robust  encryption.  Tying 
export  relief  to  adoption  of  a  government  escrow  regime  is  not  a  voluntary  policy, 
no  matter  how  it  is  packaged  and  repackaged.  A  true  "voluntary"  approach  would 
be  to  unbundle  export  controls  from  mandatory  escrow,  thus  allowing  companies  to 
invest  in  new  products  and  compete  freely. 

Netscape  supports  voluntary  self-escrow  and  the  freedom  of  user  choice,  and  wel- 
comes the  Administration's  increasing  interest  in  self-escrow  as  a  feature  of  key 
management.  However,  we  continue  to  have  a  major,  overriding  concern  about  the 
Administration's  insistence  on  third-party  key  escrow  as  a  condition  for  exporting 
stronger  encryption.  We  fear  that  key  escrow  will  not  work  in  the  Internet  market. 

The  National  Research  Council  panel  which  did  an  exhaustive  analysis  of  this 
issue  concluded  that  "aggressive  promotion  of  [key  escrow]  is  not  appropriate  at  this 
time."  The  panel  cautioned  about:  (1)  the  significant  operational  complexities  of  a 
key  escrow  infrastructure,  (2)  its  "significant  negative  impact  on  the  natural  market 
development  of  information  services  and  technologies,"  (3)  the  need  to  "learn  more 
about  how  the  market  will  respond  before  adopting  a  specific  solution  driven  by  the 
needs of government," and (4) the risk that key escrow will yield meager benefits
because  criminals  and  other  targets  of  surveillance  will  circumvent  escrowed  tech- 
nologies and  because  government  will  be  able  to  obtain  access  to  much  encrypted 
information  through  search  warrants  and  subpoenas  against  self-escrowing  entities. 

The  government's  third  party  key  escrow  proposal  is  totally  untested  and  leaves 
major  questions  about  effectiveness,  security  breaches  by  escrow  agents  and  govern- 
ment employees,  and  even  technical  feasibility  unanswered. 

B.  Why  Mandatory  Key  Escrow  Will  Not  Work 

(1)  Key  Escrow  Is  Technologically  Incompatible  With  Internet  Standards:  Key  es- 
crow will  not  work  with  the  existing  Secure  Sockets  Layer  ("SSL")  Internet  commu- 
nications standard  that  is  open  to  the  public  and  interoperable  with  other  stand- 
ards. SSL  is  the  industry  standard  for  securing  Internet  communication — we  use  it, 
Microsoft  uses  it,  and  many  other  competitors  at  home  and  abroad  use  it.  It  pro- 
vides a  reliable  level  of  confidentiality  and  integrity  to  high-speed  transactions  for 
general information fields. For those of you who use our browser, SSL can be recognized
by the locked key icon in the lower left hand corner of the browser screen.

SSL  creates  a  unique  "session  key"  for  each  communication  session.  The  govern- 
ment's key  escrow  proposal  simply  will  not  work  with  this  technology.  There  are  too 
many session keys being created and discarded each time tens of millions of people
communicate with each other for escrow agents to have the keys in advance and
keep  track  of  them.  By  generating  a  neutral  session  key,  SSL  permits  unacquainted 
parties  to  communicate  and  conduct  business  securely  without  having  to  establish 
a  prior  relationship  of  trust.  The  key  for  the  session  is  negotiated  only  when  the 
secure  session  is  initiated  and  ends  when  the  transaction  or  communication  is  com- 
pleted or  terminated  by  one  or  both  of  the  parties.  Without  the  ability  to  utilize  dy- 
namic security  systems  such  as  SSL,  many  of  the  speed,  efficiency,  and  convenience 
gains  of  the  Internet  will  be  overwhelmed  by  pre-transaction  requirements  and  sup- 
port. 

The  only  key  escrow  alternative — to  escrow  the  user's  "private  communication 
key"  that  is  used  each  time  the  user  communicates — does  not  work  either  for  SSL. 
With  SSL,  the  user's  private  key  is  the  same  as  the  key  that  authenticates  the 
user's  identity.  Giving  this  identity  key  to  a  third-party  agent  would  make  prosecu- 
tions more  difficult  and  open  the  door  to  enormous  mischief  because  it  would  allow 
others  to  masquerade  as  a  user,  potentially  stealing  the  user's  assets,  changing  criti- 
cal passwords  necessary  to  access  files,  etc.  One's  identity  could  be  permanently  al- 
tered. Individuals  could  be  accused  of  committing  acts  or  making  commitments  of 
which  they  had  no  knowledge. 

Netscape  has  explained  to  the  Administration  these  serious  technical  and  legal 
difficulties  with  implementing  third-party  key  escrow  for  SSL.  We  have  yet  to  re- 
ceive an  answer. 

Recent experience with CALEA suggests that government involvement in the
Internet standards setting process is likely to be much more burdensome and more
intrusive than is suggested in the government's descriptions of its escrow plans. The
F.B.I. has engaged in significant overreaching in its involvement in CALEA standards
for wireless telephone providers, prompting C.T.I.A. last week to announce its
opposition to some of the F.B.I.'s demands. The F.B.I. asked Congress to pass
CALEA on the ground that the legislation was necessary to continue meaningfully
to execute warrants in the digital age — a message quite similar to the government's
defense of mandatory key escrow. However, with CALEA now law, the F.B.I. is
claiming, in contravention of the statute itself, that CALEA requires the wireless
telephone industry to provide location information for every mobile phone within
very close proximity.

There is a further technical and legal problem with key escrow of significance to
our users. 18 U.S.C. §2518(5) sets forth an important requirement for minimization
of intrusion: The interception of communication not otherwise subject to interception
is not permissible and must be actively minimized. There is a serious question
whether it is possible to minimize the interception of Internet communications data
when it resembles a few hundred party lines all in the same room (virtually). Reasons
for this include: (i) the access cannot be limited to the time period for which
the lawful access has been granted; (ii) all encrypted information for that user can
be accessed; and (iii) at the end of the lawful access the distribution key has to be
changed.

(2)  Unproven  Technology:  Key  escrow  with  third  party  agents  approved  by  the 
government and offering rapid ex parte government access is a totally untested
technology.  A  few  countries  are  moving  in  the  direction  of  encouraging  or  requiring 
use  of  such  escrow  agents,  but  there  are  no  products  on  the  market  that  do  what 
our  government  wants  done.  While  our  government  has  indicated  interest  in  run- 
ning pilot  projects  testing  key  escrow  for  government  uses  and  narrow  segments  of 
industry  may  respond  to  this  invitation,  no  product  has  demonstrated  private  sector 
market  demand  at  home  or  abroad  for  such  escrow  products.  For  this  reason  alone, 
policymakers should heed the NRC study's warnings about requiring key escrow.
Moreover,  key  escrow  regimes  are  subject  to  heightened  vulnerability  to  computer 
attacks,  as  Peter  Neumann  warned  in  his  testimony  this  summer  before  the  Senate 
Investigations  Subcommittee,  because  they  require  an  extensive  infrastructure  that 
itself  presents  an  additional  target  for  attackers. 

(3)  Market  Acceptance:  There  is  serious  doubt  that  users  will  purchase  products 
with  keys  escrowed  with  government-chosen  agents  unless  they  have  no  other  palat- 
able choice.  Remember  that  under  the  government's  proposal,  our  customers  will  be 
asked  to  entrust  some  of  their  most  valuable  and  most  private  information  to  a 
third  party  they  do  not  choose.  For  example,  individual  firms  in  the  securities  indus- 
try, which  is  represented  here  today,  must  protect  access  to  securities  portfolios  of 
enormous  value.  Escrow  with  any  third  party  not  freely  selected  by  the  user  will 
be viewed as undesirable because of concern that third parties may breach user
security or mishandle keys.

Furthermore, the government goal of ready ex parte access to encrypted information
runs counter to making U.S. product a success in international markets. Imagine
the reaction of a foreign customer if offered a product to which the U.S. government
has immediate, ex parte access. Just think about it. If a Japanese company
came to you with a terrific communications product, but the Japanese government
had ready access to the key and could listen in at will, would you buy it? Our U.S.
customers  wouldn't  buy  from  a  Japanese  company  either  if  the  Japanese  govern- 
ment had  ready  access  to  the  key. 

You  may  have  heard  about  an  "emerging  consensus"  on  key  escrow  at  the  OECD 
that might yield a market for third-party escrow products. While discussions toward
a global cryptography policy move forward at the Organization for Economic
Co-operation and Development ("OECD"), they are likely to yield only a set of loose and
somewhat  contradictory  policy  guidelines  that  are  far  from  an  endorsement  of  the 
Administration's  third-party  escrow  approach.  Moreover,  these  guidelines  will  not 
have  the  force  of  law,  but  must  instead  be  interpreted  by  each  OECD  country  that 
decides  to  pass  legislation  on  this  issue.  To  date,  many  of  our  important  allies  and 
trading  partners  have  declined  to  come  out  in  favor  of  a  Trusted  Third  Party 
("TTP") system for escrowing keys. These include: Germany, Japan, Canada, Australia,
Sweden, Finland, and Denmark. In addition, most countries, including several
with major cryptographic resources and market size, are not represented at the
OECD. 

Even  if  the  Administration's  predictions  of  an  OECD  agreement  endorsing  manda- 
tory key  escrow  were  realized,  that  would  not  mean  that  there  would  be  significant 
demand  abroad  for  key  escrow  products  of  the  variety  favored  by  our  government. 
Instead,  countries  would  likely  adopt  conflicting  law  enforcement  access  and  escrow 
standards  reflecting  their  policy  and  privacy  preferences.  This  would  likely  spell  the 
balkanization of the Internet, undermining the interoperability of the entire network
and complicating, rather than simplifying, F.B.I. and N.S.A. access.

To  understand  this  problem,  it  is  important  to  remember  that  the  Internet  has 
flourished  based  upon  two  core  principles — open,  interoperable  standards  and  user 
choice — both of which are jeopardized by government-mandated key escrow standards.
The standards upon which the Internet runs are freely available to designers
of  new  products,  and  are  established  through  a  democratic,  international  standard 
setting  process.  The  interoperability  of  the  system  is  essential  for  users  to  be  able 
to  communicate  with  others  across  the  globe.  Interoperability  and  open,  democrat- 
ically developed  standards  have  in  turn  given  users  a  free  choice  of  products  and 
services.  User  choice  has  been  essential  to  competition  and  innovation  in  our  indus- 
try, which  has  brought  a  dizzying  array  of  new  products  and  communications  capa- 
bilities to  the  marketplace  in  a  few  short  years.  Making  escrow  standards  the  sub- 
ject of  national  government  determinations  would  mark  a  serious  change,  and  would 
jeopardize  the  interoperability  and  choice  that  are  critical  to  the  usefulness  of  the 
Internet and the innovations it affords the tens of millions of people who increasingly
depend  upon  it. 

(4)  Cost:  Key  escrow  carries  with  it  large  infrastructure  management  costs.  In  a 
few  short  years,  there  will  be  nearly  200  million  people  connected  to  each  other  over 
the  Internet.  Withdrawing  and  managing  their  keys  securely  would  be  a  major  and 
expensive  management  problem.  Responding  rapidly  to  law  enforcement  requests 
for  keys — some  of  them  from  different  countries — would  be  particularly  burdensome. 
At the very least, these costs risk significantly increasing the price of Internet
communications, and reducing connectivity among "information have nots" to this
enormously promising network.

(5)  Liability  for  Mishandling  of  Keys:  Thus  far,  the  government's  trusted  third 
party  key  escrow  proposal  does  not  address  the  important  question  of  liability  for 
mishandling  of  keys.  Under  the  government's  proposal,  users  would  be  required  to 
entrust  some  of  their  most  sensitive  and  valuable  information — such  as  trade  se- 
crets, credit  card  and  bank  information,  and  personal  medical  information — to 
agents  chosen  by  the  government.  However,  we  have  yet  to  hear  whether  the  gov- 
ernment will  accept  liability  if  it  mishandles  keys  or  what  relief  it  proposes  to  give 
users  against  escrow  agents  who  mishandle  information.  Unless  they  are  assumed 
by  the  government,  these  liability  costs  would  in  turn  be  passed  along  to  users,  fur- 
ther increasing  costs  and  further  reducing  connectivity. 

Indications  that  the  Administration  intends  to  offer  reciprocal  access  for  foreign 
governments to escrowed keys raise even broader repercussions. By virtue of purchasing
a U.S. product for an interoffice communications link that includes an overseas
subsidiary, U.S. firms would expose themselves to ex parte surveillance by foreign
governments. F.B.I. Director Louis Freeh has made clear in public testimony
that there are dozens of countries and state-sponsored economic espionage cells actively
trying to get their hands on corporate proprietary information. Given that
threat,  it  would  seem  deeply  unwise  not  to  offer  foreign  governments  access  to  that 
information. 



(6)  Circumvention  of  Key  Escrow:  Key  escrow  is  likely  to  disrupt  the  market  sig- 
nificantly without  having  a  major  impact  on  crime,  terrorism  or  U.S.  intelligence 
gathering.  As  the  NRC  report  observes,  targets  of  our  law  enforcement  surveillance 
and  intelligence  gathering  are  likely  to  be  able  to  circumvent  the  key  escrow 
encryption  regime.  As  an  Internet  Society  working  group  that  recently  examined 
this  issue  reported: 

Even if escrowed encryption schemes are used, there is nothing to prevent
someone from using another encryption scheme first. Certainly, any
serious malefactor would do this; the outer encryption layer, which would
use an escrowed scheme, would be used to divert suspicion.¹

Take  the  example  of  SSL:  even  if  the  session  key  did  not  change  and  were  somehow 
escrowed  and  available  to  government  agents,  users  could  still  encrypt  data  using 
PGP or commercial encryption available from foreign suppliers before sending it
through  an  SSL  communications  channel  ("super-encryption")  or  by  re-encrypting 
the  message  after  key  escrow  has  been  used  already. 

Unescrowed  strong  encryption  is  available  overseas,  and  the  world  is  simply  too 
big a place for the U.S. to prevent intelligence and law enforcement targets sophisticated
enough to use computers from obtaining it. While law abiding companies like
Netscape  will  follow  U.S.  law  in  this  area  to  the  detriment  of  their  world  market 
share  and  their  ability  to  compete  effectively,  other  countries  have  a  strong  incen- 
tive not  to  require  key  escrow,  since  such  products  will  have  an  edge  on  the  world 
marketplace.  Furthermore,  notwithstanding  prohibitions  of  U.S.  law,  unescrowed 
encryption  can  travel  easily  across  international  borders  over  the  Internet  or  on  a 
single  computer  diskette. 

For  all  these  reasons,  H.R.  3011  is  correct  to  prohibit  mandatory  third-party  key 
escrow. 

VI.  REGULATORY  BURDEN  OF  EXISTING  EXPORT  CONTROL  LAWS 

H.R.  3011  would  provide  much  needed  streamlining  of  the  burdensome  export  li- 
censing process.  The  existing  regime  is  burdensome,  slow,  chills  innovation  and  dis- 
proportionately hurts  smaller  players.  Export  licensing  law  is  obscure  and  con- 
voluted, understood  by  only  a  few  experts  and  implemented  by  officials  who  wield 
extraordinarily  broad  discretion.  The  agencies  that  pass  on  export  licensing  requests 
have  little  compulsion  to  act  quickly  or  cooperatively  in  close  cases.  Judicial  review 
of  individual  licensing  decisions  is  expressly  foreclosed,  preventing  any  path  to  ap- 
peal an  adverse  final  agency  decision. 

The  effect  of  the  law  is  to  chill  investment  in  innovative  products  with  robust 
encryption  capabilities.  Companies  in  many  instances  simply  cannot  know  whether 
a  product  that  they  are  considering  producing  will  be  exportable.  In  an  industry 
where product cycles are as short as four months, the risk and uncertainty associated
with obtaining special, one-off licenses to gain even a very limited approval for
export  of  strong  security  products  is  often  too  great  and  kills  deals. 

The  adverse  effect  of  export  control  laws  is  particularly  onerous  on  smaller  export- 
ers. The  risk  for  such  firms  of  investing  in  a  product  or  products  that  may  not  be 
licensed  is  greater.  Furthermore,  the  internal  costs  and  outside  legal  fees  of  nego- 
tiating through  the  export  licensing  process  are  more  burdensome,  adding  a  signifi- 
cant expense  to  just  doing  business.  Worse  yet,  the  Administration's  plans  for  a  key 
management  infrastructure  will  likely  benefit  only  a  few  of  the  largest  companies 
that  can  afford  to  risk  investing  capital  in  a  key  escrow  regime  that  is  unlikely  to 
work  or  be  widely  used. 

VII.  CONCLUSION 

What  will  work  in  solving  this  issue  is  unleashing  the  competitive  and  innovative 
energies  of  this  country.  Competition  and  innovation  only  work  in  an  open  network 
environment  and  throughout  the  global  marketplace.  H.R.  3011  enables  this  to  hap- 
pen. 

Netscape's  commercial  customers  and  other  companies  will  typically  want  some 
form  of  escrow,  but  will  want  to  decide  themselves  where  to  store  the  key.  They 
have a need to access and recover keys — for example, to be able to recover information
on the computer of an employee who has died, left the company, or become disgruntled.
Individuals know that they lose keys to their cars and homes once in a
while, and that the same thing could happen on their computer hard disks. Private


¹ Brian E. Carpenter & Fred Baker, Internet Architecture Board and Internet Engineering
Steering  Group,  Statement  on  Cryptographic  Technology  and  the  Internet,  Network  Working 
Group,  Request  For  Comments  #1984,  at  3  (Internet  Society,  Aug.  1996). 



sector  recovery  services  will  likely  have  a  market  to  supply.  As  more  people  and 
companies  come  to  perform  more  of  their  communications  and  transactions  on  the 
Internet  or  via  Intranets,  demand  will  grow  for  products  that  not  only  provide  the 
protection  of  robust  encryption,  but  also  enable  a  user  to  recover  from  their  own 
mistakes.  Self-escrow  is  the  first  step  in  building  toward  regular  use  of  services  that 
can  supply  access  and  recovery.  If  consumers  can  have  a  free  choice  of  products, 
they  will  be  likely  to  choose  the  one  that  best  suits  their  concerns  and  confidence. 

In  short,  operation  of  the  free  market,  rather  than  precluding  N.S.A.  and  law  en- 
forcement access  to  unescrowed  commercial  information,  will  in  many  instances  per- 
mit the  subpoena  of  encryption  keys  in  much  the  same  manner  as  corporate  records 
are  subpoenaed  today. 

Consumer  choice  and  interoperable,  open  standards  are  necessary  for  America's 
information  economy  to  benefit  fully  from  the  Internet.  The  Administration's  key 
management  infrastructure  plans  thwart  marketplace  competition  and  preclude 
open standards. It is rather strange to look at this Administration's efforts to promote
free trade (e.g., NAFTA, negotiations with Japan), its support for slimming
down government (e.g., the "end of big government as we know it" pledge), and its
promotion of the benefits of information technology (e.g., the NII and GII programs),
and then compare these policies to the command and control planning for a massive
key management mandate that jeopardizes U.S. leadership in the information economy
and electronic commerce. On encryption, this Administration's high-tech policy
is  internally  contradictory. 

Security  is  a  requirement,  not  an  option  in  computer-based  communications. 
Encryption must be an easy-to-use part of the product. Security cannot be regulated
into a third party service one is forced to pay for in addition to the cost of accessing
the GII. Otherwise, only the wealthy will be secure, American jobs will be lost, and
the  Administration's  export  control  policy  and  key  escrow  proposals  will  create  a 
new  kind  of  "information  have-not" — with  the  average  person  forced  to  use  insecure 
communications  or  old  technologies. 

Mr.  GOODLATTE.  Thank  you,  Ms.  Katz. 
Ms.  Ripley,  welcome. 

STATEMENT  OF  PATRICIA  RIPLEY,  MANAGING  DIRECTOR, 
BEAR,  STEARNS  &  CO.,  INC. 

Ms.  Ripley.  Good  morning,  Mr.  Chairman,  and  members  of  the 
committee.  My  name  is  Patricia  Ripley.  I  am  the  managing  director 
at  Bear,  Stearns,  responsible  for  corporate  security,  a  function  I 
started  in  1990. 

Thank  you  for  giving  me  this  opportunity  to  testify  in  support  of 
H.R.  3011.  In  the  interest  of  time,  I  will  summarize  my  remarks, 
but  I  ask  that  a  copy  of  my  written  statement  be  included  in  the 
record. 

Mr.  Chairman,  security  is  important  to  Bear,  Stearns,  as  it  is  to 
all  of  us  in  the  securities  industry.  My  staff  and  I  carefully  review 
and  analyze  technology  and  its  impact  on  security  at  the  firm,  and 
for  good  reason.  We  have  a  fiduciary  responsibility  to  our  cus- 
tomers and  to  our  shareholders  to  maintain  the  confidentiality,  in- 
tegrity, and  availability  of  our  data.  We  take  this  responsibility 
very  seriously.  Each  year  Bear,  Stearns  spends  hundreds  of  thou- 
sands of  dollars  building,  buying,  implementing,  and  testing  secu- 
rity of  our  systems  and  networks. 

Our  business  depends  on  the  ability  to  communicate  quickly  and 
effectively  with  our  clients.  If  we  cannot  maintain  the  confidential- 
ity of  our  clients  and  our  own  data,  we  will  lose  our  clients'  con- 
fidence and  their  business.  The  securities  industry  needs 
encryption  products  to  protect  sensitive  proprietary  information 
and  electronic  communications.  We  also  need  encryption  to  authen- 
ticate the  originator  of  information. 



The  growth  of  the  Internet  and  open  systems  has  also  presented 
us  with  new  security  challenges.  I  oversee  Bear,  Stearns'  connec- 
tion to  the  Internet  and  its  secure  use.  Because  of  security  con- 
cerns, we  have  taken  a  relatively  conservative  approach  to  using 
the  Internet.  However,  there  are  people  at  Bear,  Stearns  who  feel 
that  the  security  risks  outweigh  the  business  benefits  and  who  feel 
that  we  shouldn't  use  the  Internet  at  all.  But  our  clients  want  to 
do  business  over  the  Internet,  and  our  competitors  already  do.  The 
firm  feels  we  no  longer  have  the  option  to  stay  offline. 

Current  export  restrictions  on  encryption  make  it  difficult  for 
Bear, Stearns to transmit information securely to its overseas offices.
But even worse, the restrictions prohibit us from providing
strong, American-made encryption software to our non-U.S. clients
and hampers our efforts to communicate securely with them. Companies
based in foreign countries where we're doing business can
use  any  encryption  scheme  they  want.  This  leaves  Bear,  Stearns 
and  other  U.S.  securities  firms  at  a  disadvantage. 

Mr.  Chairman,  our  firm  has  looked  at  many  possible  solutions  to 
this  problem.  We  could  download  a  copy  of  PGP,  instruct  our  cli- 
ents to  do  the  same,  and  communicate  securely  and  legally.  But  the 
answer  is  not  that  simple.  PGP  is  not  the  ultimate  solution  because 
it  will  not  work  in  all  instances  where  we  need  secure  communica- 
tions. Bear,  Stearns  is  a  $7  billion  company  with  over  7,000  em- 
ployees in  13  offices  around  the  world.  We  use  many  different  com- 
munication technologies,  each  of  which  can  require  a  different  secu- 
rity implementation.  Security  products  do  exist  in  the  United 
States  to  solve  these  problems,  but  they  cannot  be  exported. 

Additionally,  because  of  our  large  size,  we  prefer  to  standardize 
on products that can be used by all of the locations that we support.
It would be very cumbersome to attempt to buy, use and integrate
a different product in each country that we do business. Furthermore,
we do not feel as comfortable purchasing non-U.S. products
as we do purchasing American-made software. Practically
speaking,  our  technical  staff,  most  of  whom  are  based  in  the  United 
States,  would  have  difficulty  working  with  vendors  in  different 
time  zones.  We  also  lack  familiarity  or  comfort  with  the  overseas 
products  and  vendors. 

Mr.  Chairman,  instead  of  trying  to  fit  our  security  needs  into  the 
parameters  of  U.S.  export  restrictions,  we  would  like  to  be  able  to 
use  strong  encryption  products  developed  in  the  United  States,  and 
we  want  to  make  those  products  available  to  our  clients  overseas. 
Through  so-called  overseas  office  exemption,  U.S.  companies  can 
export  any  encryption  products  they  want  to  their  overseas  offices. 
However,  this  process  entails  paperwork  burdens  and  penalties  for 
noncompliance.  Also,  I  want  to  emphasize  to  the  committee  that  it 
does not apply to communications with clients abroad. For our foreign
clients, current law only allows us to export encryption technologies
that use up to 40-bit keys. The inadequacy of 40-bit
encryption is of particular concern to Bear, Stearns and the rest of
the  securities  industry. 

The  Clinton  administration  sought  to  address  the  limitations  of 
current  export  restrictions  while  protecting  its  legitimate  law  en- 
forcement interests  by  proposing  a  commercial  key  escrow  system. 
The CKE system would permit U.S. companies to export 56-bit
technology, but would require a copy of the key to be kept with a
third  party  or  escrow  agent.  Bear,  Stearns  does  not  support  the 
CKE  system  for  several  reasons.  First,  56  bits  is  not  sufficiently  se- 
cure. Many  of  our  overseas  clients  already  use  stronger  products 
that  are  available  abroad  and  can  be  imported  into  the  United 
States.  Those  clients  would  have  no  incentive  to  move  to  a  56-bit 
key. 

Second,  while  we  might  be  receptive  to  a  key  escrow  system,  we 
would  not  support  allowing  third  party  access  to  the  keys,  even  if 
the  Government  is  the  third  party.  Key  escrow  is  quite  different 
from third party escrow. According to the administration's proposal,
Government-approved key escrow agents are prohibited from
informing  parties  when  their  keys  have  been  disclosed.  Our  firms 
could  never  be  sure  if  the  key  escrow  agent  followed  the  proper  pro- 
cedures when  disclosing  our  keys.  No  securities  firm  would  be  com- 
fortable giving  a  third  party,  no  matter  how  trustworthy,  the 
means  to  access  all  of  its  confidential  customer  data  and  other  pro- 
prietary information. 

Third,  the  administration  has  said  it  will  enter  into  bilateral 
agreements  with  other  countries  to  establish  circumstances  under 
which  escrowed  keys  would  be  disclosed  to  those  governments.  Al- 
though the  administration  has  said  it  will  only  negotiate  these 
agreements  with  friendly  nations,  it  is  disconcerting  to  realize  that 
access  to  our  keys  could  become  a  bargaining  chip  in  a  foreign  pol- 
icy debate. 

Finally,  we  do  not  support  the  CKE  proposal  because  it  is 
untested,  unworkable,  and  designed  to  fit  the  needs  of  law  enforce- 
ment and  national  security,  not  the  needs  of  the  business  commu- 
nity and  our  clients.  While  we  recognize  the  need  for  a  strong  na- 
tional defense  and  vigorous  law  enforcement  efforts,  we  do  not  be- 
lieve that  restricting  critical  technology  is  the  way  to  solve  these 
problems.  We  understand  that  the  administration  is  going  to  re- 
lease a  new  proposal  to  relax  export  restrictions,  and  we  look  for- 
ward to  providing  feedback  after  we  have  reviewed  the  plan. 

Mr.  Chairman,  we  believe  H.R.  3011,  the  Security  and  Freedom 
Through  Encryption  (SAFE)  Act,  would  solve  the  problems  with 
current  export  policy.  In  our  view,  the  bill  addresses  the  problems 
with  current  law  in  a  balanced  and  measured  fashion.  By  allowing 
our  firms  to  provide  secure  communications  with  clients  and  part- 
ners abroad,  H.R.  3011  will  foster  growth  in  the  capital  markets, 
enhance  the  global  competitive  position  of  U.S.  securities  firms, 
and  lead  to  a  new  era  of  electronic  commerce. 

I  thank  you  for  giving  me  an  opportunity  to  testify  in  support  of 
this  important  legislation.  I  would  be  happy  to  answer  any  ques- 
tions you  may  have. 

[The  prepared  statement  of  Ms.  Ripley  follows:] 

Prepared Statement of Patricia Ripley, Managing Director, Bear, Stearns & Co., Inc.

Good  morning,  Mr.  Chairman,  Congressman  Conyers,  members  of  the  Committee, 
thank  you  for  this  opportunity  to  testify  in  support  of  H.R.  3011. 

My name is Patricia Ripley. I am the Managing Director at Bear, Stearns responsible
for the Corporate Security function, which I started in 1990. My responsibilities
include developing information security policies and guidelines, and reviewing
and testing security implementation. Prior to 1990, I was in charge of the Computer
Auditing function at Bear, Stearns and before that was a principal with Arthur
Young & Company, managing the computer audit group for the New York office and
metropolitan region.

Security is very important to Bear, Stearns as it is to all of us in the securities
industry. At Bear, Stearns, my staff and I review and analyze technology and its
impact  on  security  at  the  Firm.  We  have  a  fiduciary  responsibility  to  our  customers 
and  to  our  shareholders  to  maintain  the  confidentiality,  integrity  and  availability 
of  our  data.  Each  year,  Bear,  Stearns  spends  hundreds  of  thousands  of  dollars  build- 
ing, buying,  implementing  and  testing  the  security  of  our  systems  and  networks. 

My  primary  responsibility  is  to  protect  the  information  of  our  customers  and  of 
the  Firm.  Our  business  depends  on  the  ability  to  communicate  quickly  and  effec- 
tively with  our  clients  and  to  advise  them  on  financial  matters.  If  we  could  not 
maintain  the  confidentiality  of  our  clients'  and  our  own  data,  we  would  lose  our  cli- 
ents' confidence  and  their  business.  In  today's  financial  environment,  we  compete 
with  firms  from  all  over  the  world.  The  customers  we  court  are  investors  both  with- 
in and  outside  the  United  States.  Our  ability  to  present  globally-deployed  financial 
expertise  to  our  clients  makes  us  successful. 

The  growth  of  the  Internet  and  open  systems  has  presented  us  with  new  security 
challenges. There are people at Bear, Stearns who feel that the security risks of the
Internet outweigh the business benefits. However, the Firm feels that we have no
choice but to use the Internet if we are to stay competitive. Our clients want to do
business over the Internet. Our competitors already do. We no longer have the option
to stay off-line.

Because of my responsibility for security, I was asked to oversee Bear, Stearns'
connection  to  the  Internet  and  its  secure  use.  Because  of  the  security  concerns,  we 
have  taken  a  relatively  conservative  approach  to  using  the  Internet.  We  believe  that 
any  information  that  is  passed  over  the  Internet  can  and  will  be  read  by  others, 
unless  strong  security  measures  are  implemented.  Our  "Internet  Use"  policy  states 
that  Internet  "services  should  not  be  relied  upon  as  a  secure  or  efficient  means  of 
communication  or  data  transmission  unless  appropriate  security  measures  have 
been  taken"  and  that  "the  Internet  and  third-party  dial-up  services  are  not  to  be 
used  for  transmitting  or  receiving  any  information  that  might  be  considered  propri- 
etary or  confidential  unless  appropriate  security  measures  are  taken." 

This  policy  has  generated  numerous  inquiries  as  to  what  constitutes  sensitive  in- 
formation and  how  to  best  secure  it.  The  Wall  Street  environment  is  highly  competi- 
tive. When  we  have  information  that  gives  us  a  market  edge  over  our  competitors, 
it  is  crucial  that  we  keep  that  information  secret.  When  our  market  analysts  spot 
a  trend,  it  is  crucial  that  we  provide  that  information  to  our  clients — and  only  our 
clients — without  it  finding  its  way  into  the  hands  of  our  competitors.  As  you  might 
imagine,  much  of  the  information  in  which  we  trade  is  extremely  valuable. 

For  example,  if  we  are  advising  a  client  on  a  potential  acquisition,  the  name  of 
the  target  company  cannot  become  public  before  the  client  is  ready  to  announce  it. 
Should  the  information  be  made  public  too  early,  purchases  could  be  made  in  the 
market  that  would  make  the  planned  acquisition  more  expensive,  or  even  impossible 
to  complete. 

The  securities  industry  is  at  the  forefront  of  using  information  and  communica- 
tions technologies  to  facilitate  global  business.  As  more  and  more  of  this  information 
is  sent  electronically,  safeguarding  the  confidentiality  of  this  information  has  be- 
come a  vital  concern  to  us.  Encryption — the  process  by  which  messages  are  dis- 
guised from  unauthorized  recipients — is  a  technology  to  secure  communications  be- 
tween ourselves  and  our  overseas  clients  and  colleagues. 

Because  encryption  relies  on  complicated  mathematical  formulae  to  scramble  mes- 
sages, encrypted  messages  cannot  be  read  unless  the  receiver  has  a  corresponding 
formula,  or  key,  that  will  unscramble  the  message.  The  longer  an  encryption  key 
is,  the  stronger  it  is  considered  to  be  and  the  more  difficult  it  is  for  an  unauthorized 
party  to  decode.  The  securities  industry  currently  uses  encryption  technology  to  pro- 
tect sensitive  electronic  communications  domestically.  We  also  use  encryption  to  au- 
thenticate the  originator  of  information,  including  digital  signatures. 

In  the  international  environment,  however,  the  industry  has  to  contend  with  an 
additional set of adversaries. Besides our non-U.S. competitors, it is not unheard of
for foreign intelligence agencies to conduct industrial espionage against U.S. firms on
behalf  of  their  domestic  industries.  Unfortunately,  current  export  restrictions  on 
encryption  do  not  allow  us  to  provide  robust  American-made  encryption  software  to 
our  non-US  clients,  as  well  as,  hamper  our  efforts  to  communicate  securely  with 
them.  This  leaves  us  with  two  options:  providing  the  client  with  encryption  software 
made  by  a  non-U.S.  company,  or  refusing  to  communicate  with  the  client  electroni- 
cally and  trying  to  find  alternate  means  of  communication. 

This leaves us and other U.S. securities firms at a disadvantage. Companies that
reside in the country in which we're doing business can employ any encryption
scheme on the local market they wish. Because of Bear, Stearns' size, we prefer to
standardize products that can be used by all of the locations we support around the
world. It would be very cumbersome to attempt to buy, use, and integrate a different
product in each country in which we do business.

Furthermore, we do not feel as comfortable purchasing non-U.S. products as we
do purchasing American-made software. Practically speaking, our technical staff, most of
whom  are  based  in  the  United  States,  would  have  difficulty  working  with  vendors 
in  different  time  zones  all  over  the  world.  We  also  lack  familiarity  or  comfort  with 
the  overseas  products  and  vendors.  We  typically  work  face-to-face  with  vendors  to 
evaluate  and  understand  their  product  prior  to  buying  them.  We  ask  for  hands-on 
product  demonstrations  and  normally  request  white  papers  describing  the  products 
and  evaluation  copies  of  the  hardware  or  software  products  to  help  us  in  the  selec- 
tion process.  We  also  monitor  the  testing  of  products — both  formally  by  the  vendor 
and  also  through  reports  over  the  Internet  from  other  companies  that  have  tested 
these  products.  The  inherent  difficulties  of  long  distance  product  support  is  another 
consideration  that  dissuades  us  from  using  foreign  products. 

This  is  ironic  because  anyone  anywhere  in  the  world  can  download  a  copy  of  PGP 
(Pretty Good Privacy), a free encryption program available from Internet sites located
around the world.¹ For example, our legal department might wish to exchange
data  securely  with  a  London  law  firm.  We  can  ask  the  London  firm  to  use  PGP  and 
can  ask  them  to  generate  and  send  us  their  public  key.  Similarly,  we  can  generate 
and  send  them  our  public  key.  Once  done,  we  can  then  legally  exchange  messages 
and  data  that  have  been  encrypted  with  the  strong  cryptography  available  in  PGP. 

Even  if  we  were  to  communicate  with  all  our  overseas  clients  in  this  manner,  PGP 
is  not  the  ultimate  solution  because  it  will  not  work  in  all  instances  where  we  need 
secure  communications.  We  use  many  different  communication  technologies,  each  of 
which  can  require  a  different  security  implementation  and  PGP  does  not  work  with 
many  of  them.  Security  products  do  exist  in  the  U.S.  to  solve  these  problems,  but 
they  cannot  be  exported.  Rather  than  try  to  fit  our  security  needs  in  the  parameters 
of  U.S.  export  restrictions,  we  would  like  the  option  of  using  strong  encryption  prod- 
ucts developed  in  the  U.S.  that  have  more  functionality  and  are  easier  to  use,  and 
to  be  able  to  make  those  products  available  to  our  clients  overseas. 

As  mentioned  before,  existing  laws  and  regulations  governing  the  export  of 
encryption technology place our ability to communicate confidentially with our foreign
clients at risk. The federal government classifies "strong" encryption as "munitions"
and closely controls the use, sale and re-export of encryption software. These
rules ignore the fact that many of the restricted products are already available outside
the U.S. And even though the rules allow U.S. companies to export any
encryption products they wish to their overseas offices, this process entails paperwork
burdens and severe penalties for non-compliance.

In  addition,  the  overseas  office  exception  does  not  apply  to  communications  with 
clients  abroad.  With  respect  to  our  clients,  current  law  only  allows  us  to  export 
encryption technologies that use up to 40-bit keys. In the past, only government intelligence
agencies with significant budgets for encryption technology would have
been  able  to  break  such  a  code,  but  with  the  advent  of  faster  and  more  sophisticated 
computers,  an  individual  with  a  good  computer  can  break  a  40-bit  key  in  several 
hours. 

Competitor companies or governments with budgets dedicated to decrypting messages
can unlock a 40-bit key in a matter of seconds. According to an ad hoc group
of cryptographers and computer scientists, it would take an intelligence agency with
a $300 million budget for decryption technology just a fraction of a second to decode
a 40-bit key; a company with a $300,000 budget could break a 40-bit key in 24 seconds;
and a hacker with $400 worth of software could do it in 5 hours. The inadequacy
of 40-bit encryption is of particular concern to Bear, Stearns and the rest
of the securities industry. It is imperative that we have the tools to ensure the confidentiality
of our overseas business communications. As I noted earlier, the stronger
cryptography available from foreign companies does not provide a workable solution
to our security concerns.

The Clinton Administration sought to address the limitations of current export
restrictions while still protecting its legitimate law enforcement interests in combating
global terrorism and organized crime, by proposing a "Commercial Key Escrow"
(CKE) system. The CKE system would permit U.S. companies to export 64-bit
technology, but would require a copy of the key to be kept with a third party or escrow
agent. The escrow agent, most likely a bank or encryption company, could release
the key under two circumstances:


1 Several such sites are listed at the Encryption Policy Resource Page at
http://www.crypto.com/.


to  the  owner  if  the  key  had  been  lost  and  it  was  needed  to  decrypt  documents, 
and 

to  law  enforcement  officials  if  they  have  the  appropriate  warrants  necessary 
to  obtain  data  which  had  been  encrypted  with  the  escrowed  key. 

Bear, Stearns does not support the CKE system for several reasons. First, 64 bits
is  not  sufficiently  secure.  While  the  Administration's  proposal  would  be  an  improve- 
ment over  the  current  40-bit  limit,  the  government  acknowledged  at  an  industry 
meeting  with  the  National  Institute  of  Standards  and  Technology  that  well-funded 
attackers  (such  as  foreign  governments)  could  break  64-bit  encryption  without  too 
much  difficulty.  In  addition,  many  of  our  overseas  clients  are  already  using  stronger 
products  that  are  available  abroad  and  can  be  imported  into  the  U.S.  Those  clients 
would  have  no  incentive  to  move  to  a  64-bit  key  that  would  provide  them  with  less 
protection  than  is  currently  available  through  their  foreign  suppliers. 

Second,  while  we  might  be  receptive  to  a  key  escrow  system,  we  will  not  support 
allowing  third  party  access  to  the  keys,  even  if  the  government  is  the  third  party. 
Key escrow—in which individual firms would keep the keys in their own off-site
data centers or in safe deposit boxes—is quite different from third party escrow.
According to the Administration's proposal, government-approved key escrow agents
are prohibited from informing parties when their keys have been disclosed. Thus,
our  firms  will  never  be  sure  if  the  key  escrow  agent  followed  the  proper  procedures 
when  disclosing  our  keys.  No  securities  firm  would  be  comfortable  giving  any  third 
party,  no  matter  how  trustworthy,  the  means  to  access  all  of  its  confidential  cus- 
tomer data  and  other  proprietary  information. 

Third,  the  Administration  has  said  it  will  enter  into  bilateral  agreements  with 
other  countries  to  establish  circumstances  under  which  escrowed  keys  will  be  dis- 
closed to  those  governments.  Although  the  Administration  has  said  it  will  only  nego- 
tiate these  agreements  with  friendly  nations,  it  is  disconcerting  to  realize  that  ac- 
cess to  our  keys  could  become  a  bargaining  chip  in  a  foreign  policy  debate.  We  are 
particularly  concerned  because  some  ostensibly  friendly  countries  have  targeted  our 
firms  as  a  source  of  information  for  their  domestic  industries. 

Finally,  we  do  not  support  the  CKE  proposal  because  it  was  designed  to  fit  the 
needs  of  law  enforcement  and  national  security,  not  the  needs  of  the  business  com- 
munity and  our  clients.  While  we  recognize  the  need  for  a  strong  national  defense 
and  vigorous  law  enforcement  efforts,  we  do  not  believe  that  restricting  critical  tech- 
nology is  the  way  to  solve  those  problems.  The  U.S.  stands  to  fall  far  behind  other 
countries  in  electronic  commerce  if  it  cannot  develop  a  secure  worldwide  payments 
system. As discussed above, 64-bit encryption falls far short of this goal. Indeed, this
view  was  endorsed  by  the  National  Research  Council,  a  bipartisan  non-profit  insti- 
tution that  provides  advice  to  Congress  on  science  and  technology.  In  a  report  re- 
leased on  May  30,  the  NRC  said: 

The U.S. government's current support of escrowed encryption as a technical
pillar of its cryptography policy is inappropriate now because there
are  too  many  unresolved  questions  about  this  approach.  Even  when  these 
problems  are  resolved,  adoption  of  escrowed  encryption  or  of  any  other  spe- 
cific technology  standard  by  the  commercial  sector  should  be  voluntary  and 
based  on  business  needs,  not  government  pressure. 

Mr.  Chairman,  we  believe  H.R.  3011,  The  Security  and  Freedom  Through 
Encryption (SAFE) Act, rises to the NRC's challenge. H.R. 3011 would:

Allow  the  unrestricted  export  of  "mass  market"  or  "public  domain"  encryption 
programs  such  as  "Pretty  Good  Privacy;" 

Require  the  Secretary  of  Commerce  to  allow  the  unrestricted  export  of  other 
encryption  technologies  if  products  of  similar  strength  are  generally  available 
outside  the  U.S.; 

Prohibit  the  federal  government  from  imposing  mandatory  key  escrow  policies 
on  the  domestic  market;  and 

Limit  the  authority  of  the  Secretary  of  Commerce  to  set  standards  for 
encryption  products. 

We believe that the bill addresses the problems with current law in a balanced
and measured fashion. I and my colleagues in information security need to find
ways to provide our firms with secure communication without violating the
government's outdated encryption export policies. In some cases, this has meant using
non-electronic means of communication, an obvious disadvantage in this era of instant
global  communication.  By  allowing  our  firms  to  provide  secure  communications  with 
clients  and  partners  abroad,  H.R.  3011  will  foster  growth  in  the  capital  markets, 
enhance  the  global  competitive  position  of  U.S.  securities  firms,  and  lead  to  a  new 
era  of  electronic  commerce. 


I  thank  you  for  introducing  this  important  legislation  and  for  giving  me  an  oppor- 
tunity to  testify  in  its  support.  I  would  be  happy  to  answer  any  questions  you  may 
have. 

Mr. Goodlatte. Thank you, Ms. Ripley.

Dr.  Deneka,  am  I  pronouncing  your  name  correctly? 

Dr. Deneka. It's pronounced Deneka, rhymes with Seneca.

Mr. Goodlatte. Very good, and I apologize. Please give us your
testimony. 

STATEMENT OF DR. CHARLES W. DENEKA, CHIEF TECHNICAL
OFFICER, CORNING, INC., ON BEHALF OF THE NATIONAL
ASSOCIATION OF MANUFACTURERS

Dr.  Deneka.  Good  morning,  Mr.  Chairman,  and  members  of  the 
committee. I am the chief technology officer at Corning, Inc.

In  the  interest  of  time,  I  will  summarize  my  comments,  but  ask 
that  a  full  version  be  inserted  into  the  record. 

Mr.  Goodlatte.  Without  objection. 

Dr.  Deneka.  Established  in  1851,  Corning,  Inc.,  creates  leading- 
edge  technologies  for  the  fastest-growing  segments  of  the  world's 
economy,  including  telecommunications,  display  devices,  life 
sciences,  as  well  as  our  more  commonly  known  commercial 
consumer  products.  Our  total  revenues  from  continuing  operations 
last  year  were  $3.3  billion. 

Today,  however,  I  am  representing  the  National  Association  of 
Manufacturers  and  its  14,000  member  companies.  The  NAM  sup- 
ports H.R.  3011  and,  in  particular,  the  relaxation  of  unilateral  ex- 
port controls  on  encryption.  The  National  Academy  of  Sciences  has 
extensively  documented  the  need  for  this  policy  change.  Thus,  my 
message  this  morning  is  very  simple.  It's  not  just  computer  and 
communication companies, as suppliers, that suffer serious restrictions
from rigid export controls on encryption, and it's not just
banks and users that need encryption. I'm here to say that American
industry, in general, needs encryption as a part of the relief
from onerous unilateral trade policies.

Think  for  a  moment  of  the  new  business  vocabulary  you  have 
been  recently  hearing:  just-in-time  delivery,  global  sourcing,  CAD- 
CAM.  The  new  terminology  reflects  the  ways  that  a  business  has 
to  operate  to  be  successful  now  and  into  the  next  century — elec- 
tronically, globally,  ever  more  responsive  to  customer  demands  and 
a  shifting  business  environment. 

Let me give you an example from my own company, Corning, Inc.
As I've said, Corning is a technology company which has a long and
rich  history  of  inventions,  secrets  upon  which  the  future  of  the 
company  depends.  This  information  must  not  be  accessed  by  poten- 
tial competitors,  either  in  the  private  or  Government  sectors.  We 
have  a  major  laboratory  in  France  and  a  smaller,  but  important, 
lab  in  Japan  that  we  are  concerned  about  communicating  with.  It 
is  our  opinion  that,  unlike  financial  information  where  the  informa- 
tion has  little  commercial  value  minutes  or  hours  after  it  has  been 
intercepted,  information  that  we  need  to  share  across  our  global  fa- 
cilities has  a  useful  lifetime  of  years,  if  not  decades.  Unless  robust 
encryption  technology  is  available,  a  potential  competitor  could 
decrypt  information  about  our  inventions  at  their  leisure.  This 
would  cause  us  great  harm. 


The  future  of  Corning  depends  upon  new  products  spawned  by 
our  worldwide  research  and  development  facilities.  Our  innovation 
process  depends  upon  the  ready  access  of  proprietary  information 
by  research  associates  in  our  facilities  across  the  globe.  In  order  to 
make  progress,  the  information  must  be  accessed  by  authorized 
personnel  in  a  secure  manner  with  no  possibility  of  this  informa- 
tion leaking  out  until  the  appropriate  patent  or  commercial  action 
is  taken.  We,  therefore,  feel  that  to  protect  our  intellectual  capital 
from  the  penetration  by  foreign  competition  or  government  bodies, 
the  encryption  technology  deployed  must  be  sufficient  to  prevent 
this,  even  when  there  is  no  time  limit  on  decryption  efforts. 

An  alternative  to  secure,  encrypted  communications  and  systems 
may  appear  to  be  for  Corning  employees  or  couriers  to  physically 
go to the non-U.S. labs and carry with them either paper copies or
laptop  computers.  Major  problems  with  this  approach  which  pre- 
vent it  from  being  viable  are  that,  first,  only  a  limited  number  of 
our  people  can  travel  because  of  the  high  cost,  and  while  they're 
traveling  they're  out  of  their  labs  and  aren't  productive  in  advanc- 
ing technology.  Also,  the  time-lag  created  by  moving  paper  phys- 
ically, by  any  means,  would  be  intolerable  in  this  world  of  rapidly 
increasing  rate  of  change.  It  would  be  like  going  back  to  the  Pony 
Express  days. 

Finally,  our  people  have  very  frequent,  often  daily,  communica- 
tions. During  the  critical  phases  of  projects,  we  oftentimes  have 
real-time  discussions  involving  many  people  on  each  side  of  the 
ocean.  We  are  concerned  about  our  ability  to  do  business  in  a  glob- 
al marketplace,  taking  advantage  of  innovative  abilities  in  other 
countries,  unless  we  have  sufficient  safeguards  on  our  competitive 
advantage:  knowledge,  inventions,  processes,  and  product  and  mar- 
ket plans. 

The  very  limited  export  licenses  now  granted  do  not  provide  us 
sufficient  security.  We  need  secure  global  connectivity  to  our  for- 
eign suppliers  and  customers,  not  just  our  subsidiaries.  In  the  long 
run,  we  cannot  win  in  global  competition  without  that  security.  If 
we  cannot  offer  the  requisite  security,  then  our  suppliers  and  cus- 
tomers will  do  business  with  other  companies  that  can.  The  Gov- 
ernment contradicts  itself,  the  NAM  submits,  in  claiming  that  in- 
dustrial espionage  carried  out  with  the  power  of  foreign  intelligence 
is  a  big  problem,  while  simultaneously  stopping  industry  from  de- 
ploying the  self-protective  measures  that  it  seeks.  An  ounce  of  pre- 
vention is  worth  a  pound  of  cure.  Once  information  falls  into  the 
wrong  hands,  there  is  no  way  for  us  to  get  it  back.  American  manu- 
facturers need  to  prevent  this  from  happening  in  the  first  place. 

Mr.  Chairman,  this  concludes  my  statement,  and  I  would  be  glad 
to  take  questions. 

[The  prepared  statement  of  Dr.  Deneka  follows:] 

Prepared  Statement  of  Dr.  Charles  W.  Deneka,  Chief  Technical  Officer, 
Corning,  Inc.,  on  Behalf  of  the  National  Association  of  Manufacturers 

Thank you and good morning Mr. Chairman. I am Dr. Charles W. Deneka, Senior
Vice President and Chief Technical Officer at Corning Incorporated. Also with me
today is Dr. James M. Scott—Chief Information Officer & Director of Information
Technology for Science & Technology. Established in 1851, Corning Incorporated
creates leading-edge technologies for the fastest growing segments of the world's
economy. Corning manufactures optical fiber, cable and components, high-performance
glass and components for televisions, and other electronic displays for
communications and communications-related industries; advanced materials for the
scientific, life sciences and environmental markets; and consumer products. Corning's
total revenues from continuing operations in 1995 were $3.3 billion. Today, however,
I am representing the National Association of Manufacturers and its 14,000 member
companies. The NAM supports H.R. 3011, in particular, the relaxation of unilateral
export controls on encryption.

The  National  Academy  of  Sciences  has  extensively  documented  the  need  for  this 
policy  change.  Thus,  my  message  this  morning  will  be  very  simple.  It  is  not  just 
computer  and  communications  companies,  as  suppliers,  that  suffer  serious  restric- 
tions from  rigid  export  controls  on  encryption.  And  it  is  not  just  banks,  as  users, 
that  need  encryption.  I  am  here  to  say  that  American  industry,  in  general,  needs 
a  relaxation  of  encryption  controls  as  part  of  needed  relief  from  onerous  unilateral 
trade policies. Agriculture is often exempted from unilateral trade sanctions; often,
airlines as well. In encryption, financial services have been accorded special status.
But, time after time, U.S. manufacturers bear the brunt of policies that impose
burdens our allies refuse to impose on their firms which are our global competitors.

Think, for a moment, of the new business vocabulary you've recently been hearing:
just-in-time delivery; global sourcing; and CAD/CAM (computer-aided design
and manufacturing). The new terminology reflects the ways that a business has to
operate to be successful now and into the next century: electronically, globally, ever
more responsive to customer demands and a shifting business environment. This
represents a far different image of manufacturing success than what we all learned
in school, when we saw pictures of Henry Ford's assembly line of identical Model
Ts destined for a domestic market.

Let me give you an example from my own company, Corning Incorporated.
Corning is a technology company which has a long and rich history of "inventions,"
secrets upon which the future of the company depends. This information must not
be accessed by potential competitors, either in the private or government sector. We
have a major laboratory in France and a smaller, but important lab, in Japan that
we  are  concerned  about  communicating  with.  It  is  our  opinion  that,  unlike  financial 
information,  where  information  may  have  little  commercial  value  minutes  or  hours 
after  it  has  been  intercepted,  the  information  that  we  need  to  share  across  our  glob- 
al facilities  has  a  useful  "lifetime"  of  years,  if  not  decades.  Unless  robust  encryption 
technology  is  available,  a  potential  competitor  could  decrypt  information  about  our 
inventions  at  their  leisure.  This  would  cause  us  great  harm. 

The future of Corning depends upon new products spawned by our world-wide
research and development facilities. Our innovation process depends upon the ready
access of proprietary information by research associates in our facilities around the
globe. In order to make progress, the information must be accessed by authorized
personnel in a secure manner, with no possibility of this information leaking out
until the appropriate patent or commercial action has been taken. We, therefore,
feel that to protect our intellectual capital from penetration by foreign competition
or government bodies, the encryption technology deployed must be sufficient to
prevent this, even when there is no time limit on decryption efforts.

Types of highly proprietary information that Corning associates need to access on
a world-wide basis include: research reports, patent information, process
information, product plans, and market plans.

An  alternative  to  secure,  encrypted  communications  and  systems  may  appear  to 
be for Corning employees or couriers to physically go to the non-U.S. labs and carry
with  them  either  paper  copies  or  laptop  computers.  The  major  problems  with  this 
approach  which  prevent  it  from  being  viable  are: 

Only a limited number of our people can travel because of the high cost, and
while  they  are  traveling  they  are  out  of  their  labs  so  they  cannot  be  productive 
in  advancing  technology  further. 

The  time  lag  created  by  moving  paper  physically  by  any  means  would  be  in- 
tolerable in  this  world  of  rapidly  increasing  rate  of  change.  It  would  be  like 
going  back  to  the  Pony  Express  days. 

Finally, our people have very frequent, often daily, communications. During
critical phases of projects we often have real-time discussions involving many
people on each side. In addition to needing secure communications between
Corning's own U.S. and international labs, we also absolutely need to have this
security when dealing with other non-U.S. companies. We have had, and will
continue to have, highly sensitive and very important joint research and
development programs with suppliers of specific raw materials, some of which are
crucial to the performance of our products, as well as with existing and potential
new  customers.  We  also  do  research  and  development  with  some  universities 
and  government  laboratories  when  it  helps  us  develop  or  improve  our  products. 
This is a natural consequence of the global flow of materials and knowledge
back  and  forth  across  national  boundaries  through  the  value  chain  often  seen 
in  medium  and  high-tech  products  of  today.  These  communications  must  be  pro- 
tected. 

We  are  concerned  about  our  ability  to  do  business  in  a  global  marketplace,  taking 
advantage  of  innovation  abilities  in  other  countries,  unless  we  have  sufficient  safe- 
guards on  our  know-how,  inventions,  processes,  product  and  market  plans. 

The successful manufacturer of the future will be an "agile enterprise," to use the
phrase pioneered by another auto leader, Lee Iacocca. Production runs will get
shorter and shorter, even down to production lots of one. Long-term, intimate,
supplier-customer relationships will manage joint design and development of
components and will assure just-in-time deliveries. In this environment, protecting only
electronic funds transfer cannot and will not suffice. Valuable proprietary data
designs, tests and customer lists will flow electronically and must be protected as well.
Already in the United States, the one-third of the economy outside of manufacturing
supports the one-fifth of the total economy that comprises direct manufacturing.
And, as you well know, business has gone global forever.

All these developments explain why the current export controls will have to give
way sooner or later. Fundamentally, they are incompatible with the way that
successful, agile enterprises, especially manufacturers, have to function now and into
the 21st-century global economy. It is only a matter of when the unilateral controls
will be relaxed, and how much damage U.S. business suffers in the meantime
compared with foreign competitors not equally burdened.

Even  before  encryption  emerged  as  a  key  functional  specification,  major  corpora- 
tions had  already  evolved  complicated,  sophisticated,  data  communications  systems 
to  manage  worldwide  operations,  meet  customer  demands,  and  gain  competitive  ad- 
vantage. Many  of  these  stories  are  now  part  of  business  history  that  everybody 
knows.  American  Airlines  pioneered  computer-based  reservations  almost  three  dec- 
ades ago.  The  market-leading  innovations  of  Federal  Express  in  the  package  deliv- 
ery market  now  includes  a  much  used  World  Wide  Website.  For  manufacturing,  the 
innovations  are  less  evident  from  the  end-consumer  point  of  view,  but  are  led  by 
the  major  manufacturers.  For  example,  in  communicating  with  their  supplier  base, 
Boeing  deals  with  almost  50,000  contractors  and  subcontractors  through  its  tightly 
managed  computer  network.  General  Motors  led  the  way  in  electronic  data  inter- 
change (EDI)  by  insisting  that  its  suppliers  work  with  it  to  get  rid  of  tons  of  paper- 
work. 

Security  is  simply  an  indispensable  element  of  system  performance,  like  process- 
ing capacity  or  uptime.  Logical  protection  against  outside  intrusion,  which  is  what 
encryption is all about, is an indispensable element of security.

The  very  limited  export  licenses  now  granted  do  not  provide  sufficient  security. 
We  need  secure  global  connectivity  with  our  foreign  suppliers  and  customers,  not 
just  our  subsidiaries.  In  the  long  run,  we  cannot  win  in  global  competition  without 
that  security.  If  we  cannot  offer  the  requisite  security,  then  our  suppliers  and  cus- 
tomers will  do  business  with  other  companies  that  can. 

A  topic  that  must  not  go  unnoticed  this  morning  is  industrial  espionage.  The  FBI 
has  testified  before  Congress  that  agents  of  23  foreign  countries  are  targeting  U.S. 
enterprises  to  steal  their  best  technology.  The  NAM  agrees  that  the  threat  is  real 
and that losses have occurred. The FBI's answer is a new federal statute with very
strong  penalties,  the  better  to  prosecute  technology  theft. 

Mr.  Chairman,  the  irony  is  overwhelming.  Even  as  the  FBI  seeks  heavy  after-the- 
fact  penalties  for  people  who  get  caught,  they  oppose  this  legislation  to  put  better 
means  of  prevention  in  the  hands  of  the  targets  and  victims:  U.S.  companies.  The 
government contradicts itself, the NAM submits, in claiming that industrial espionage
carried out with the power of foreign intelligence is a big problem, while
simultaneously stopping industry from deploying the self-protective measures that it
seeks. An ounce of prevention is worth a pound of cure. The FBI simply cannot have
it both ways. Once information falls into the wrong hands, there is no way to get
it  back.  American  manufacturers  need  to  prevent  this  from  happening  in  the  first 
place. 

Mr.  Chairman,  this  concludes  my  statement  and  I  will  be  happy  to  take  questions. 

Mr. Goodlatte. Thank you very much. Let me ask all of you—
the  administration  officials  have  represented  that  they  have  been 
working  with  industry  to  develop  an  encryption  consensus.  Do  you 
feel  that  the  administration  has  given  you  an  opportunity  to  ex- 
press your  concerns  and,  more  importantly,  that  those  concerns 
have  been  heard? 

Ms.  Brown,  why  don't  we  start  with  you? 


Ms.  Brown.  Is  that  with  respect  to  the  pending  proposal? 

Mr. Goodlatte. That would be my understanding, yes.

Ms.  Brown.  Speaking  on  behalf  of  Lotus  and  the  Business  Soft- 
ware Alliance  that  I'm  representing,  we  have  not  provided  recent 
input  into  the  proposal.  We're  not  aware  of  the  details  of  it,  so  I 
would  have  to  answer  with  respect  to  this  specific  proposal,  no.  We 
have been trying to work with and have worked with Government
constituencies  in  the  past,  and,  clearly,  we  would  like  to  continue 
to  do  that. 

Mr. Goodlatte. But you don't feel like you're on the cutting
edge  of  what's  going  on. 

Ms.  Brown.  Oh,  no.  No. 

Mr. Goodlatte. Ms. Katz.

Ms.  Katz.  I  have  two  answers.  With  respect  to  the  specific  pro- 
posal, our  understanding  is  that  they  will  be  speaking  with  us 
shortly.  We  have  not  talked  with  them  about  the  specifics  of  the 
existing  proposal.  In  the  past,  the  Government  has  tried  to  talk 
with  us,  and  we've  tried  to  talk  with  the  Government.  As  Ms. 
Lofgren  said  before,  I  think  it's  almost  as  if  the  two  sides  are  talk- 
ing past  each  other  and  we  do  not  yet  agree  on  some  basic  assump- 
tions. We  have  one  set  of  assumptions — industry  does — and  I  think 
the  Government  currently  has  another  set  of  assumptions,  and  it's 
been  hard  to  bridge  that  gap. 

Mr. Goodlatte. Ms. Ripley.

Ms.  Ripley.  Also,  as  with  us  as  well,  we  have  had  some  contact 
with  the  Government  through  our  own  firms  and  also  through  se- 
curities industry  association.  There  are  a  number  of  us  on  Wall 
Street  that  meet  with  the  securities  industry  and  use  that  as  a 
forum  for  an  awareness  of  what  is  happening  with  the  Government 
that  will  affect  our  industry.  We  have  not  been  privy  to  anything 
that's  happening  with  the  current  legislation  at  this  time,  and  hope 
that  we  will  have  the  opportunity  to  participate  in  those  discus- 
sions. 

Mr. Goodlatte. We do, too.

Dr.  Deneka. 

Dr.  Deneka.  I  cannot  speak  for  the  NAM,  but  I  can  say  that  Cor- 
ning has  not  been  involved  with  any  of  these  discussions  with  the 
U.S.  Government.  We  are  beginning  to  explore  these  ideas  in 
France,  however,  but  just  at  the  very  early  stages. 

Mr. Goodlatte. OK, thank you.

Ms.  Katz,  the  administration  has  represented  key  escrow  as  a 
type  of  public  service  now — it's  a  little  different  approach  they're 
taking — that's  driven  by  consumer  needs  to  have  the  ability  to  re- 
trieve the  key  when  they  use  encryption  if  they  should  lose  it  or 
some  other  problem  should  occur.  Does  the  Government  need  to  set 
such  a  standard,  or  can  industry  establish  voluntary  standards 
that  accomplish  the  same  end? 

Ms. Katz. We believe it's the latter. In fact, we fear that if the
Government  does  try  to  set  such  a  standard  the  endeavor  will  fail, 
and  in  the  meantime,  we  will  have  lost  precious  time.  As  I  said  in 
my  oral  remarks,  the  problem  is  so  big,  setting  up  the  kind  of  sys- 
tem that  was  discussed — I  think  the  words  that  were  used  were 
"uniform  international  standard."  Pragmatically,  our  view  is  that  it 
will  not  happen,  and  we  will  lose  precious  time  in  the  meantime. 


As  to  voluntary  standards,  we  believe  that  there  will  be  effective 
key  recovery  systems,  some  of  which  will  involve  self-escrows  of  the 
keys. 

Mr. Goodlatte. Ms. Ripley, isn't it true that the securities
industry already cooperates with the Federal Government, in terms
of  law  enforcement  needs  that  they  might  have,  on  a  regular  basis, 
and  is  a  key  escrow  program  necessary? 

Ms.  Ripley.  Yes,  the  securities  industry  does  cooperate  with  the 
Government,  and  we  certainly  hope  to  continue  to  do  so. 

Mr. Goodlatte. In other words, when they have a court order
allowing  them  to  access  certain  information  regarding  something 
that  may  involve  a  criminal  activity  that  would  involve  some  trans- 
actions in  securities,  you  cooperate  with  them  and  make  available 
the  information  that  the  court  orders.  Is  that  not  correct? 

Ms.  Ripley.  That  is  absolutely  correct,  which  is  one  of  the  rea- 
sons why  we  feel  that  the  need  for  the  key  escrow  is  something 
that  we  don't  see  as  necessary,  because  with  the  appropriate  court 
orders  from  the  Government  we  would  continue  to  be  providing  the 
information  the  Government  needed,  including  access  to  keys 
which  we  would  ourselves  hope  to  be  escrowing  and  that  we  cur- 
rently do  escrow  for  our  domestic  use  of  encryption  keys. 

The  second  question  I  would  ask  you  to  repeat  again. 

Mr.  Goodlatte.  It  was  just  to  ask  whether  it  was  necessary  for 
them  to  have  such  a  key  escrow  program  if  you're  already  cooperat- 
ing with  them  and  you  are  highly  visible  entities — they  know 
where  you  are  when  they  need  to  get  information  from  you  and 
they  have  a  proper  court  order  to  do  it. 

Ms.  Ripley.  Absolutely. 

Mr.  Goodlatte.  Law  enforcement  also  argues  that  the  wide- 
spread use  of  strong  encryption  programs  could  essentially  evis- 
cerate the  ability  to  perform  legitimate  wiretaps.  Do  any  of  you 
have  a  response  to  that  concern? 

Ms. Katz. What I would suggest here is that the Government's
proposed  remedy  is  too  broad.  In  other  words,  there  is  good  to  be 
done  with  this  kind  of  a  program,  but  the  harm  will  exceed  the 
good.  If  American  companies  lose  their  leadership  in  this  area,  as 
I  said  before,  ultimately  we  harm  our  law  enforcement  and  na- 
tional security  interests  because  the  setting  of  the  standards  will 
move  to  foreign  shores. 

Mr.  Goodlatte.  That  concerns  me,  too,  from  the  standpoint  of 
protecting  the  rights  of  U.S.  citizens.  I  think  we  consider  our  Na- 
tion to  be  at  the  forefront  of  protecting  individual  liberties,  and 
some  think  we  don't  go  far  enough;  some  think  we  go  too  far.  But 
I  think  in  comparison  to  virtually  any  other  country  in  the  world, 
we  are  far  ahead  of  them,  and  here  we  are  negotiating  in  Paris, 
as  we  speak,  with  nations  who  have,  I  think,  far  less  concern  about 
protecting  individual  privacy  rights  than  we  do.  And  if  we  allow 
the  bulk  of  those  other  nations  to  influence  our  setting  of  that 
standard  because,  it  seems  to  me,  the  administration's  primary 
concern  seems  to  be  protecting  law  enforcement,  that  we're  going 
to  wind  up  with  an  international  standard  that  could  move  behind 
the  legislative  prerogative  of  the  Congress. 

Do  any  of  you  want  to  respond  to  that? 



Ms. Brown. Well, I'd like to comment on that. I think above and
beyond the simple individual user and individual privacy issues,
which I agree are sort of the foundation for our culture here, we
have commercial privacy and corporate espionage issues, if you
will, that have been alluded to here that I think have catastrophic
consequences.

Mr. Goodlatte. And governmental espionage issues; I haven't
heard any of these individuals say that they're going to escrow
their keys in cooperation with foreign governments. I think the
issue of trust transcends virtually every type of communication
that we have, and I am concerned about that.

Ms.  Brown.  That's  correct.  I  think  it's  a  fallacy  to  assume  that 
criminals,  if  you  will,  the  lump-sum  grouped  together,  are  going  to 
utilize  a  Government-mandated  key  escrow  system.  They're  simply 
not  going  to  partake  in  it,  so  if  the  mass  market  software  industry 
were  to  capitulate  and  agree  to  market  key  escrow  solutions,  crimi- 
nals that  have  the  wherewithal  or  the  interest  in  avoiding  it  simply 
will  do  that.  They  will  hire  their  own  cryptographers  if  they  need 
to.  They  will  build  their  own  products.  It's  readily  available  now; 
they  admitted  it  themselves,  and  that's  what  they'll  do.  So  they're 
not  going  to  really  provide  themselves  with  the  assurances  that 
they  are  looking  for. 

Dr.  Deneka.  Mr.  Chairman,  I  would  add  that — in  my  comments 
I  tried  to  bring  this  point  forward — we  are  very  concerned.  It's  been 
documented  in  the  press  of  foreign  nations  aiding  industrial  espio- 
nage. It's  like  giving  the  keys  to  the  hen  house  to  the  fox,  and  we're 
very  concerned  about  that. 

Mr. Goodlatte. Thank you.

The  gentleman  from  Virginia,  Mr.  Scott. 

Mr.  Scott.  Thank  you,  Mr.  Chairman. 

I  understand  everybody  here  supports  the  legislation.  If  the  legis- 
lation were  not  to  pass,  what  authority  would  the  Federal  Govern- 
ment have  to  implement  such  a  plan? 

Ms.  Katz.  The  concern  is  more  that  the  existing  state  of  the  law 
is  handcuffing  American  industry  because  we  are  precluded  from 
exporting  encryption  code  that  exceeds  40  bits  in  length.  The  worry 
is  that  we  cannot  compete  with  foreign  competitors  that  are  pro- 
ducing stronger  encryption.  Thus  the  concern  is  the  existing  state 
of  the  law. 

Mr.  Scott.  Thank  you.  I  have  no  further  questions. 

Mr. Goodlatte. Would you yield the balance of your time?

Mr.  Scott.  I  will  yield  the  balance  of  my  time,  Mr.  Chairman. 

Mr.  Goodlatte.  You've  been  twice  generous,  and  I  appreciate  it. 

Following up on that very point, in addition to not being able to
export, many of your domestic customers need to use the
encryption for not just domestic communications, but international
communications. I would think Bear Stearns would be a good
example of that. So, effectively, your ability to offer the encryption in
the domestic market is hampered as well, is it not?

Ms. Ripley. Yes, it is. We look to use solutions that we can
implement globally. There are remedies that are, apparently,
available to us through getting waivers for our overseas branch offices.
We attempted to go down this road—not very happily at one
point—and concluded that the time and effort and the paperwork
problems that we had to deal with led us to back off and to use
less secure means of communicating with our overseas firms—in
fact, our overseas offices and particularly our overseas clients.

We  feel  very  strongly  that  the  information  we  have  to  protect 
must  be  protected  absolutely.  We  would  lose  business.  As  a  firm, 
we  would  lose  our  own  customers  if  we  could  not  offer  secure 
means  of  communication,  and  without  the  ability  to  export  the 
strong  encryption,  we  feel  very  hampered  in  this  effort. 

Mr. Goodlatte. So you're becoming increasingly concerned
about the current state of the export control.

Ms.  Ripley.  Yes,  we  are. 

Mr. Goodlatte. The administration has argued—well, why don't
we put it this way? We've heard conflicting testimony regarding
what capabilities law enforcement has, and some in your industry
have argued that law enforcement can solve its problems with
respect to wiretapping by getting better computers that will decode
encrypted materials faster. There was some dispute of that on the
part of Mr. Crowell.

Can any of you comment on your knowledge of that? We don't
have any cryptographers testifying today, but perhaps some of you
are familiar with that issue.

Ms.  Brown.  Well,  there  was  actually  a  study  commissioned.  A 
group  of  leading  cryptographers  did  get  together — the  BSA  can  pro- 
vide the  members  with  a  copy  of  their  report — and  they  actually 
analyzed  the  strength  of  different  algorithms  and  the  computing 
power  necessary  to  crack  algorithms  at  different  levels  starting 
with  40  bits.  Their  report  varies  extremely,  I  will  say,  from  what 
we  were  hearing  today  from  the  Government  panel. 

In  addition,  the  NRC  committee  was  also  privy  to  all  of  the  infor- 
mation from  the  Government  and  from  other  groups  about  the  abil- 
ity to  crack  40  bits  and  other  levels  and  came  out  with  56  bits  as 
their  recommendation.  So,  I  would  have  to  dispute  what  the  Gov- 
ernment is  talking  about  in  terms  of  computing  power  being  this 
kind  of  an  issue. 

Mr. Goodlatte. And can you describe for us the difference
between 40 bits and 56 bits? That's not 16 higher than 40; that's 16
multiples.

Ms.  Brown.  It's  exponential,  but  we're  now  moving  way  beyond 
my  field  of  expertise. 

Mr. Goodlatte. So we're talking 2 to the 56th power as opposed
to 2 to the 40th power, which is many thousands of times more
powerful encryption, and it's being offered by your foreign
competitors and you're being hampered in your ability to compete.

The  gentlewoman  from  California. 

Ms. Lofgren. Thank you, Mr. Chairman. I read the written
statements and, again, apologize for missing your testimony. The
immigration bill is on the floor and several crime bills that we've
had to run over for.

I think you've covered most of what I wanted to know quite
adequately in your written reports. I did have two questions, and one
that Mr. Goodlatte has just touched upon. A number of us were
invited to a classified briefing that we're not allowed to discuss—although
why, I don't know, since you can read most of it on the
front page of the San Jose Mercury News—but in the course of that
briefing, we were given an unclassified document—I don't know if
you've seen it—about how long it would take for law enforcement
to break different lengths of encryption. And as a matter of fact,
since it was unclassified, I did distribute it widely among
cryptographers and others. The document suggests that a government law
enforcement agency would use a Cray computer, which was met
with a great deal of skepticism among people in the industry, for
a brute force attack.

I'm  just  wondering,  have  you  had  an  opportunity  to  see  their 
chart,  any  of  you,  and  do  you  have  any  comment  on  the  material? 

Ms. Katz. I believe we have seen the chart. Our view is that the
focus on 40-bit versus 56-bit versus 128-bit shifts attention from
where it needs to be. Technologically the advances in encryption
are coming so fast and so furiously that in another year, who
knows what bit length we'll be talking about? And so, we need to
approach the problem not so much from the vantage point of key
length as from addressing the bigger problem of the effect of
encryption on privacy and security and law enforcement. Without
minimizing the work involved, because it is substantial, we need to
focus on these broader issues.

Ms.  Ripley.  If  I  might  add  something  as  well,  as  a  member  of 
the  securities  industry,  I'm  actually  quite  happy  to  see  that  the 
longer  keys  are  getting  to  be  very  difficult  to  break.  As  time  goes 
on  and  technology  improves  there  will  continue  to  be  longer  keys, 
and  the  technology  to  break  the  keys  will  try  to  catch  up  with  the 
length  of  the  key,  which  means  that  the  key  length  will  continue 
to  grow,  and  it  seems  that  we'll  always  be  faced  with  this  issue. 
From  the  perspective  of  the  securities  industry,  this  makes  us  want 
to  use  these  more  secure  algorithms  because  we  need  to  protect  our 
data. 

On  the  other  hand,  I  have  to  sympathize  with  the  efforts  of  law 
enforcement  because  it  does  make  their  job  much  more  difficult  to 
have  to  break  the  key,  but  I  would  come  back  to  an  earlier  state- 
ment that  we  in  the  securities  industry,  as  I'm  sure  any  legitimate 
business  does,  work  with  our  law  enforcement  agencies  with  due 
process,  and  if  there  is  a  need,  we  will  reveal  to  them  the  keys  nec- 
essary for  breaking  the  encryption. 

Ms. Lofgren. Let me just ask, and it's a question that may not
be answerable, and I guess it's primarily directed to Ms. Brown
and to Ms. Katz as people involved in companies that get into
software development. In listening to folks in Silicon Valley who are
very concerned about this issue, I've been trying to get at least an
estimate or a sense of how long we might have to remedy this
situation before the damage to our industry is so severe that it would
be difficult to recover. Do you have an idea or a suggestion or a
ballpark estimate on how long you think we have to fix this or pay
a price that will be very high and, perhaps, irrecoverable?

Ms. Brown. In terms of a fixed amount of time, I really don't.
I think what troubles us is that we predicted in the early 1990's
that we were going to see problems and competition, and our
predictions have come true. And I agree with Roberta that the
exponential speed with which the Internet is growing probably doesn't
lend itself to predicting time. It could be we have a year; it could
be we have 6 months, but we don't have a lot more time. Every day
is a day that we've lost to a company that's made a crucial decision
about moving to a new vendor, and understand that once
companies move to a new vendor, they're not likely to reinvest in another
vendor for some time to come. So, that's a customer we may not
have lost permanently, but we've certainly lost for a long time.

Ms.  Katz.  I  would  just  reference  two  points  made  in  the  formal 
testimony.  One,  and  this  is  all  within  the  last,  I'd  say,  4  or  5 
months,  we  saw  the  birth  and  the  broad  marketing  of  this  company 
in  South  Africa,  saying  that  it  can  provide  what  the  American  com- 
panies can't. 

Ms. Lofgren. Yes, I thought that was very interesting; I read
that.

Ms.  Katz.  The  other  thing  that  we  have  seen  is  that — we  had  a 
customer  in  Germany,  a  large  bank  that  wanted  very  much  to  work 
with  us,  but  after  many  struggles  was  unable  to  do  so,  and  a  Ger- 
man company,  which  prior  to  that  had  not  been  involved  in 
encryption,  stepped  forward  and  said,  "We  will  now  produce  strong 
encryption  to  meet  the  needs  of  the  customer."  Well,  that  company 
has  now  been  launched.  There's  a  foreign  competitor  that  didn't 
exist  and  would  not  have  existed  but  for  the  export  controls. 

Ms. Lofgren. Wouldn't it also be possible for U.S. companies to
move key aspects of their encryption workforce and technology
offshore so as to avoid U.S. export regulations?

Ms.  Brown.  That  would  be  a  possibility.  My  understanding  is, 
however,  that  it  would  be  very  expensive.  We  would  have  to  hire 
people  that  had  no  familiarity  with  the  code  that's  here,  and  basi- 
cally send  them  off  to  develop  from  ground  zero.  Not  only  would 
that  be  very  expensive,  the  problem  we  would  end  up  with  is  we 
may  not  have  compatible  products  so,  once  again,  our  customers 
wouldn't  necessarily  have  a  worldwide  solution.  It  would  allow  us 
to  compete  in  the  local  markets,  but  it  would  defeat  the  purpose 
of  global  communications  with  our  customers.  You're  right,  though; 
that  would  be  an  option  for  us.  We've  looked  into  it,  and  it's  very 
expensive. 

Ms. Lofgren. So, it's so expensive that should a major U.S.
corporation decide to pull out, that would probably be an irreversible
decision as well.

Ms.  Brown.  Yes. 

Ms.  Katz.  My  understanding  is  exactly  the  same,  that  it  doesn't 
make  sense,  ultimately. 

Ms. Lofgren. I have no further questions, Mr. Chairman. I yield
back the balance of my time.

Mr. Goodlatte. Thank you.

Just  one  last  question:  in  her  written  testimony,  Ms.  Gorelick 
says  that  recent  hacker  cases  such  as  the  one  involving  Citibank's 
computers  by  hackers  in  St.  Petersburg,  Russia,  "have  further  dem- 
onstrated to  many  businesses  the  general  need  for  a  cop  on  the  in- 
formation superhighway."  That's  her  quote.  Would  you  say  that 
what  is  needed  is  a  cop,  or  increased  encryption?  Does  anybody 
want  to  take  a  swing  at  that  one? 

Ms.  Katz.  I  must  ask  a  question  in  response,  which  is,  who  is 
"the  cop?" 

Mr. Goodlatte. I think that's a good question, and with that,
unless anyone else has any other comments, we'll thank this panel
as well for your very generous contribution of your time to this
committee and for helping us understand this very complicated
issue better, and we look forward to continuing to work with all of
you in hoping to come to a resolution of this serious problem.

Thank  you,  again. 

Ms.  Katz.  Thank  you. 

Mr. Goodlatte. The committee is adjourned.

[Whereupon,  at  12:25  p.m.,  the  committee  adjourned.] 


APPENDIX 


Material  Submitted  for  the  Hearing 

Statement of the Software Publishers Association to the U.S. House of
Representatives Committee on the Judiciary in Support of the Security
and Freedom Through Encryption (SAFE) Act of 1996

September 25, 1996




The Software Publishers Association (SPA) is the leading trade association for the
personal computer software industry, representing publishers as well as many
start-up firms in the business, consumer, home office, education, entertainment,
and Internet markets. Our 1,200 members account for 85 percent of the U.S.
packaged software industry. SPA membership also includes distributors,
retailers, consultants, and other firms that provide services to software publishers
and are committed to the industry's growth.

SPA strongly supports H.R. 3011, the Security and Freedom Through Encryption
(SAFE) Act of 1996. H.R. 3011 would liberalize export controls on encryption
which currently prevent U.S. software and hardware companies from selling
products that contain strong encryption abroad. This change would allow U.S.
companies to meet consumer demand for encryption products, participate in the
development of products and technologies that are essential for the continuing
growth of electronic commerce, and compete in the growing global marketplace
for these products.

In our December 1995 study, SPA demonstrated that there were then 497 foreign
products containing strong encryption available in at least 67 countries. As these
foreign products increase in number and improve in quality, U.S. companies will
forever lose a foothold in this growing market. One industry sponsored study
has estimated that export controls on encryption would cost U.S. companies
$30-$60 billion in lost sales by the year 2000. These losses mean lower revenues, lost
market share, and fewer jobs.

The SAFE Act recognizes the realities of the global marketplace. It demonstrates
an understanding that products containing strong encryption are a crucial
component of the development of digital commerce and are necessary to secure
the communication of such sensitive information as business proprietary
information, banking and other financial information, and medical information.
It represents the only logical response to the very real consumer demand for
these products - a demand that can and will be met by foreign companies if U.S.
companies are prevented from competing.

In contrast, the administration's current approach offers little to meet the
concerns of the software industry. Specifically, there is little or no export control
relief except for products that "escrow" their encryption keys. Escrow is an
expensive feature to add to software, and it is not at all clear that consumer
demand will justify the expense. The administration's efforts to encourage key
escrow ignore the substantial market demand for unescrowed products which
will inevitably be met by foreign competitors.

For  these  reasons,  SPA  strongly  supports  the  SAFE  Act  of  1996.  SPA  urges  each 
of  the  Members  of  the  Committee  on  the  Judiciary  to  support  this  legislation  to 
protect  the  competitive  position  of  U.S.  companies  in  the  global  marketplace  for 
products  and  technology  necessary  to  provide  adequate  security  for  the  growing 
use  of  on-line  commerce  and  communications. 

Contact for more information:

David S. Byer, Director, Government Affairs
(202) 452-1600, ext. 325; dbyer@spa.org

Ken Wasch, President
(202) 452-1600, ext. 310; kwasch@spa.org




CENTER FOR DEMOCRACY AND TECHNOLOGY
Washington, DC 20006
(202) 637-9800
Fax (202) 637-0968

September 25, 1996

Chairman Henry Hyde
House Committee on the Judiciary
2138 Rayburn House Office Building
Washington, D.C. 20515-6626


Dear  Chairman  Hyde: 

The  Center  for  Democracy  and  Technology  (CDT)  commends  the  Committee 
for  holding  today's  hearing  to  consider  H.R.  3011,  the  "Security  and  Freedom 
through  Encryption  (SAFE)  Act  of  1996."    We  also  wish  to  acknowledge 
Representatives  Bob  Goodlatte  (R-VA),  John  Conyers  (D-MI),  and  the  other 
bi-partisan  cosponsors  from  the  Judiciary  Committee  for  their  continued 
efforts  to  promote  privacy  and  security  on  the  Internet. 

We submit the attached paper "The Internet Privacy and Security Imperative:
User-Oriented Encryption Policy for the Age of the Internet" and ask that it be
included in the record. The paper outlines the privacy and security issues
raised by the current US encryption policy debate.

The reform of US encryption policy is one of the critical issues facing the
future of the Internet and its viability as a secure platform for free expression,
education, and political discourse. The current encryption export controls
hamstring American industry in a competitive global marketplace while
preventing individuals and businesses from protecting their privacy and
security on the Internet. If enacted, HR 3011 would go a long way towards
ensuring that Internet users have access to the privacy-protecting encryption
technology they desperately need.

We  look  forward  to  working  with  you  and  your  staff  on  this  issue  in  the 
future. 


Sincerely,




The  Internet  Privacy  and  Security 
Imperative:  User-Oriented  Encryption 
Policy  for  the  Age  of  the  Internet 

Introduction and Overview


With the recent court ruling sinking the Communications Decency Act, the major legal obstacle to the
development of electronic commerce is outdated U.S. encryption policies. Unfortunately, little progress
has been made since the failed introduction of the much-maligned Clipper Chip. Despite the nearly
unanimous criticism of current policy from civil liberties organizations, industry groups, and the
cryptography user community over the last two years, the Administration has continued its flawed
approach to cryptography policy. A cryptography policy based upon a narrow national security
perspective that ignores the security needs of individual users is unlikely to form the sound basis for a
secure worldwide communications infrastructure. A cryptography policy without explicit privacy
protections will never gain the trust of users or be embraced by the international marketplace.

Since the Clipper Chip proposal was first offered, the looming crisis in privacy and security has
become more clear than ever:

1. The Internet Perspective - U.S. encryption policy has failed to account for the emergence
of the Internet as a model for communications.

• The Internet is not the telephone system - The Internet encompasses a range of social
functions far beyond simple two-way voice communication. These broad activities demand a
heightened capacity for users to protect their security and privacy online. The traditional
approach to wiretapping cannot simply be exported to this new medium.

• The Internet is a global, decentralized medium - Efforts to impose unilateral national policies -
such as export controls or key escrow proposals - are unlikely to be accepted widely.
Decentralized user choice solutions to privacy problems are preferable to and more effective
than centralized government mandates.

• On the Internet, the Bill of Rights is a national ordinance - Constitutional guarantees offer no
protection to U.S. citizens whose communications regularly cross national borders. Policies
should be designed to protect Americans outside of the shelter of U.S. law.

2. Current encryption policy fails to meet users' needs - Widely available strong encryption is
essential if users are to ever trust their private and sensitive information to the Global Information
Infrastructure (GII). Yet export controls and other policies have kept good encryption tools out of the
hands of everyday users and capped security at a 40-bit key length that many experts judge to be
"inadequate protection."

3. Administration encryption policy remains hostage to a law enforcement and national security
rationale that is outdated and unsubstantiated - National security arguments have been undermined
by the increasing availability of strong encryption outside of the United States. The law enforcement
problem posed by encryption is real, but narrowly focused around real-time surveillance of electronic
communications. The massive invasions of privacy and the high cost of the Administration's export
controls and key escrow policies cannot be justified on these narrow and eroding grounds.

Congressional action is needed. Encryption policy is the weak link creating a crisis in electronic
commerce and individual privacy. Only Congress is in a position to demand that law enforcement justify its
policies. Only Congress can act quickly to reverse the policies of the Administration. Immediate export
control liberalization is essential to provide American Internet users with the strong security and privacy
they so badly need.

Finally, the voice of Internet users must be heard on this issue. We commend Representatives
Goodlatte, Conyers, Moorhead, Lofgren, and Senators Burns, Leahy, Pressler, Lott, Wyden, and other
members of Congress who have reached out to the growing community of computer users who care
deeply about this issue.




Center for Democracy and Technology


Communications Privacy in the Age of the Internet: Public Policy
Principles

For years encryption policy has been driven, substantially unchallenged, by the needs of the national
security establishment. With the arrival of the personal computer and the Internet, that narrow focus is
plainly no longer acceptable. The policies that may have been appropriate for the Age of the Mainframe
Computer will not meet the needs of individuals and society in the Age of the Internet. We suggest that
any policy that addresses privacy and security on the Internet should do so in light of the following policy
principles:

• The Internet is not the telephone system.

• The Internet is a global medium: Decentralized user choices are preferable to centralized
government mandates.

• On the Internet, the Bill of Rights is a local ordinance.

Application of these principles to today's encryption policy logjam leads to the inescapable conclusion
that fundamental change is needed. CDT believes that Congressional efforts to move this policy debate
beyond the Cold War-era Mainframe model and into the Age of the Internet are essential.

A. The Internet Is Not The Telephone System

"The Internet is therefore a unique and wholly new medium of worldwide human communication."
Court's Findings of Fact, ¶ 81, ALA v. Dept. of Justice

If there is one truth that policymakers have learned about the Internet in the last year, it is that the
Internet is not just another telephone system. Current encryption policy is justified, in part, by law
enforcement arguments that they must continue to conduct electronic surveillance in the same manner as
they are able to on the telephone network. But efforts to simplistically apply assumptions about wiretapping
from the telephone system to the Internet risk grave threats to individual privacy. In a similar vein,
congressional attempts in the Communications Decency Act to impose content-based restrictions on
speech from the phone system onto the Internet have recently been harshly rebuffed by the Federal
courts.

From a constitutional privacy perspective, the single most significant difference between the Internet
and traditional telephone service is the vast array of uses that the Internet currently serves, as well as the
even larger range of new applications bound to come in the future. The Internet is not simply a
newfangled digital telephone. Rather, Internet services will likely facilitate the following important social
functions now or in the near future:

• wallet

• first class mail envelope

• carrier of credit card transactions

• face-to-face contact with a bank or a merchant

• public library

• neighborhood bookstore

• movie theater

• doctor's office

• town square, coffee shop, union hall, political clubhouse, or community center where we
discuss politics

• local art museum

• romantic night spot for intimate conversations.

The Internet is much more than simply a means of instantaneous communications like telephone
conversations. Instead, the Internet is itself a platform where all of the activities listed above can take
place. On the Internet, people do business, engage in politics, conduct intimately private interactions with
health care professionals, participate in culture, and even fall in love. The vast breadth of activities
conducted online demands that individuals have the greatest ability possible to protect their privacy and
ensure their security. These activities also demand greater protection against government intrusions on
individual privacy, free expression, and freedom of association.

The privacy protections embodied in U.S. law today are the product of a long and thorough debate in
which the concerns of law enforcement were aired and carefully weighed against the rights of citizens.
Congress should not allow law enforcement concerns to unravel this delicate balance by imposing the
wiretapping paradigm on this new medium without careful deliberation.


Case Study: A Fourth Amendment Challenge: Wiretapping the virtual
corporation


Wiretapping and other electronic surveillance has always been recognized as an
exception to the fundamental Fourth Amendment prohibition against secret searches. Even
with a valid search warrant, law enforcement agents must 'knock and announce' their intent to
search a premises before proceeding. Failure to do so violates the Fourth Amendment. Until
now, the law of search and seizure has made a sharp distinction between, on the one hand,
seizures of papers and other items in a person's physical possession, and on the other hand,
wiretapping of communications. Seizure of papers or personal effects must be conducted
with the owner's knowledge, upon presentation of a search warrant. Only in the exceptional
case of wiretapping - and with the heightened procedural and substantive requirements that
accompany a wiretap court order - may a person's privacy be invaded by law enforcement
without simultaneously informing that person.

In the era where people work for "virtual corporations" and conduct personal and political
lives in "cyberspace," the distinction between communication of information and storage of
information is increasingly vague. The organization in which one works may constitute a
single virtual space, but be physically dispersed. The papers and files of the organization or
individual may be moved within the organization by means of telecommunications
technology. Instantaneous access to encryption keys, without prior notice to the
communicating parties, thus presents a much broader intrusion. Such access may well
constitute a secret search if the target is a virtual corporation or an individual whose "papers"
are physically dispersed.


B. The Internet Is A Global Medium: Decentralized User Solutions Are Preferable
To Centralized Government Mandates

One of the Internet's great strengths is the ease with which it spans the globe: information flows as
effortlessly from New York to Nairobi as from Washington, DC to West Virginia. Moreover, a
communication from New York to Nairobi might travel through the United Kingdom and four other
countries one day, but through France and five different countries the next day. For this reason, national
controls are unlikely to work in a global medium like the Internet. Privacy solutions should not rely on
centralized policies and control, but instead should be oriented towards the user and robust enough to
exist in the highly decentralized environment that characterizes the Internet.

The rapid pace of Internet development has occurred with some important government support, but
entirely without the interference of the traditional regulatory process. The flexibility of the Internet
community in developing new solutions to meet user needs has been nothing short of astonishing. Yet
the one area in which the innovative energy of the Internet has been most stifled has been in the area of
security and privacy. Just as we cannot expect the United States government to have anticipated the
architecture of the World Wide Web, so it is foolhardy to expect that the national security establishment of
the United States can anticipate and provide for the security needs of all Internet users. A user-oriented
encryption policy which recognizes the realities of the Internet would get the government out of the
business of controlling this vital part of the emerging information infrastructure.




C.  On  the  Internet,  the  Bill  of  Rights  is  a  Local  Ordinance 

Both data security solutions against private intrusion and privacy protections against unwarranted
government surveillance must be suited to the global nature of the Net. Good data security demands
strong encryption to foil threats wherever they are in the world. And good data security and privacy
policies must recognize that the Bill of Rights in the United States Constitution is nothing more than
national law.

United  States  Constitutional  protections  against  unreasonable  search  and  seizure  offer  little 
protection  to  U.S.  citizens  whose  Internet  communications  regularly  cross  borders.  Foreign  governments 
and  others  can  intercept  these  messages  without  the  knowledge  of  the  senders,  and  beyond  the  ability 
of  the  United  States  government  to  protect  the  privacy  rights  of  its  citizens.  For  similar  reasons,  the  key 
escrow  agents  called  for  in  recent  Administration  policy  proposals  would  create  an  enormous  new 
vulnerability  for  Internet  users  --  both  from  private  data  intruders  and  from  governments  which  may  not 
have  adequate  law  enforcement  safeguards  or  may  not  accord  the  same  privacy  protections  to  United 
States  citizens. 

The global nature of the Internet thus demands that users have access to the highest quality
encryption technology. We strongly agree with the many individuals, fellow privacy advocates, and
industry leaders who are calling for the public policy changes necessary to allow the market to provide the
security and privacy that global Internet users need.

III. Locks and Keys for the GII: Users Need Encryption

"On  balance,  the  advantages  of  more  widespread  use  of  cryptography  outweigh  the  disadvantages.'" 

The use of encryption is an inevitable and essential part of life online. As the National Research
Council found in its long-awaited encryption White Paper, not only do users need encryption, but it is
actually in America's national interest to promote the widespread use of good cryptography.'

A secure, private, and trusted Global Information Infrastructure (GII) is essential to promote economic
growth and meet the needs of Information Age society. Developing that secure and trusted GII requires
strong, flexible, widely-available cryptography. Individuals need to have confidence in the GII to realize the
full democratic potential of free association and personal communications. Competitive businesses need
to protect proprietary information as it flows across insecure global communications networks.

In recent months the public has been made increasingly aware of the dangers of computer crime and
the vulnerability of current cryptography implementations. Rapid advances in the speed and
sophistication of hardware and software have laid siege to the 40-bit key systems currently approved for
export, as well as the popular 56-bit DES algorithm.' If we are to maintain the trust of the public and realize
the full potential of the GII, users will need widely available good encryption to protect themselves online:

• Individuals need encryption in order to trust the GII with confidential data such as financial
transactions, medical records, or private communications.

•  Businesses  need  encryption  to  provide  individuals  with  privacy  protection  and  to  protect 
proprietary  information  as  it  flows  across  vulnerable  global  networks.  Moreover,  businesses  need 
good  encryption  to  protect  the  growing  stores  of  personal  information  that  they  accumulate  about 
individuals  -  such  as  medical,  insurance,  credit,  or  financial  records.^ 

•  Government  users  need  encryption.  Government  itself  needs  good  encryption  to  protect 
sensitive  military,  law  enforcement,  financial,  or  private  citizen  information. 

• America needs encryption to promote national security and prevent crime. The widespread use
of strong encryption is widely considered one of our best defenses in the battle to protect
America's information infrastructure from information warfare and other security threats. It is ironic
that the very players within the Administration who should be promoting the use of encryption to
promote national security and prevent crime online are actively working to stop it. FBI Director
Louis Freeh testified in the Senate this Spring about the massive losses attributed to industrial
espionage in this country, estimated in the hundreds of billions of dollars. CIA Director John
Deutch has testified just yesterday about the increasing vulnerability of our financial, utility,
government, and telecommunications information infrastructure to "information terrorists" and
other bad actors. Yet the lack of strong encryption use today has left computer users vulnerable to
the prying eyes of hackers, corporate competitors, and even foreign governments."

The GII will not fully develop without widely available and strong cryptography. The lack of any
international standard for strong cryptography has already hindered the deployment of highly secure
systems worldwide. Moreover, national and regional governments are increasingly considering
regulations on the use of encryption. Such actions threaten to create a patchwork of international
regulations which would hinder the deployment of secure global communications and leave users without
the security and privacy they need.

In this context, the sole focus on national security needs embodied in the Administration's
cryptography policies is unlikely to meet the needs of GII users. By maintaining 40-bit key length
restrictions on exports, these policies leave users hamstrung with insecure systems. By proposing
unattractive interoperability restrictions and minimal privacy protections for key escrow systems, these
policies discourage the deployment of secure systems in U.S. products. Rather than being seamlessly
incorporated into popular products, secure communications will remain out of reach for less sophisticated
GII users. The resulting loss of security will have a chilling effect on the development of electronic
commerce and the information infrastructure as the privacy and security needs of users are not met.

"Naked To Mine Enemy"'^ - The Failure of Administration Encryption Policy: Users' Needs Go Unmet

"Current national policy is not adequate to support the information security requirements of an
information society.""

Current Administration encryption policy has failed to meet the needs of computer users. Export
controls and other government policies keep good encryption out of the hands of users. These policies
act to coerce the domestic market for encryption. The 40-bit key length encryption available under these
policies is widely viewed by experts as inadequate. Worse, the export controls are intrusive and ineffective
at meeting their stated national security goals. U.S. encryption policy is in a state of crisis, with users
unable to get the privacy because of unsupportable national security and law enforcement rationale.
Moreover, the Administration's Clipper Chip and subsequent policy proposals have barely acknowledged
privacy concerns in any meaningful way, and have been greeted with distaste and scorn by the
marketplace and the public.

Current Administration policy restricts the export of "strong" encryption hardware or software products
with keys greater than 40 bits long (the length of the "keys" indicates the security of a system). Many
experts believe that 40 bit security is woefully inadequate." Export controls actually keep domestic users
from getting good encryption. Most U.S. software and hardware companies have been held hostage as
they try to make their domestic products interoperable with and subject to the same restrictions as their
exportable products. The result is a government policy that hurts American businesses and individuals:

• It hurts individuals by not allowing them to choose the encryption systems that best meet their
security needs. A recent study by a panel of renowned cryptographers found that the systems
currently exportable under government policies "offer virtually no protection from brute-force
attacks."'*

• It hurts U.S. industry by not allowing companies to provide secure products in the face of strong
foreign competitors who are not restricted by export controls. A recent report by the CEOs of 13
large American technology companies concluded that the American computer industry could lose
up to $60 billion annually by the year 2000 due to these export controls.'

• It doesn't even meet the needs of national security. The Software Publishers Association has
documented hundreds of foreign encryption products already widely available abroad. Criminals,
terrorists, and foreign governments will always have access to good encryption; it is law-abiding
citizens who sacrifice their privacy under current law.

Recent Administration proposals would only allow the export of moderately stronger encryption, and then
only with "key escrow" restrictions to guarantee U.S. government access to individuals' keys -- restrictions
which are bound to fail in the competitive international marketplace.

Putting the Administration's Arguments in a Box: Law Enforcement Has Not Made Its Case

Law enforcement has been unable to justify massive losses of privacy it proposes in return for minor
gains in surveillance capabilities. The law enforcement problem posed by encryption is real, but narrowly
focused around real-time surveillance of electronic communications. The massive invasion of privacy and
high cost of the Administration export controls and key escrow cannot be justified by the law
enforcement's last, hopeless grasp to expand their capabilities in an area where those capabilities are
already largely gone.

Law enforcement faces a real, but narrowly focused, problem with encryption. Based on available
information, however, the vast majority of encrypted information will be accessible to law enforcement by
legal process. Stored information, corporate and business information, and even a great deal of electronic
communication will likely be largely available to law enforcement through legal process similar to that
available today (See Figure 1 below):

1. Stored business information - Stored corporate records and business information, encrypted for
security and privacy purposes, represent a large part of the use of encryption and will be almost
completely accessible to law enforcement using the same sorts of court orders, warrants, and
even subpoena processes that are available today to access similar unencrypted data.

2. Stored information by individuals - Will be similarly available by legal process, just as it is today. In
certain narrow circumstances, access to encrypted information may be thwarted by assertion of a
Fifth Amendment privilege against self-incrimination.

3. Business communications - Business communications will be largely accessible to law
enforcement. Today, electronic communications almost always become stored information at one
end or the other, and often both, and often as plaintext. (For example, consider the instructive
example of the archived email in the Bush Administration). Such stored information will be readily
available to law enforcement as noted above. Thus, most communications will be accessible --

• As data stored, often in plaintext, by communicating parties and available via court order;

• Through stored decryption keys available via court order; or

• Through other kinds of authorized surveillance.

4. Individual communications - Similarly to business communications, the bulk of individual
communications will be accessible to law enforcement through legal process in some manner.
Fifth Amendment privileges for individuals may protect some of these communications.

The remaining problem for law enforcement can be narrowed to the real-time interception of
communications without any notice to the party under surveillance. While this represents a problem for law
enforcement, it is a narrow problem. There are currently only on the order of 1100 wiretaps conducted by
law enforcement in the U.S. each year.'




The widespread use of compression algorithms, a vast array of text, audio, and video applications, and
even 40-bit encryption have already made real-time electronic interception dramatically more difficult. The
widespread use of strong encryption by our more sophisticated national enemies makes many of those
interceptions impossible. The days of a vast positive signals intelligence operation are numbered, with or
without U.S. export controls. We must find ways to help law enforcement and national security to adjust to
this new world, without limiting effective privacy for individuals and businesses on the GII.

Moreover,  the  information  economy  presents  new  and  powerful  tools  and  opportunities  for  law 
enforcement.  Online  interaction  leaves  a  detailed  trail  of  electronic  transactions,  credit  card  purchases, 
online  communications,  and  Web-based  clickstream  data  presenting  new  traffic  analysis  opportunities. 
This  information  offers  law  enforcement  unprecedented  new  tools  to  obtain  evidence  of  criminal  activity. 
The  balance  of  power  in  an  online  world  is  tilting  further  towards  law  enforcement  and  away  from  individual 
liberty.  Encryption  may  represent  one  of  the  rare  opportunities  to  reclaim  individual  liberty  in  the  face  of 
the  steady  erosion  of  privacy  and  individual  autonomy  brought  on  by  technology  and  the  Information  Age. 

The federal government is granted the ability to monitor a specific telephone line. It has never been
prospectively guaranteed the ability to intercept all communications of all individuals, and understand
them. Wiretap targets have always been able to use other phones, or speak in unintelligible code.

More importantly, the ability to hear a specific phone conversation is not nearly as invasive as the ability
to intercept, without notice or consent, the full panoply of life online including health records, financial
transactions, online entertainment, intimate letters and conversations. Law enforcement has been unable
to justify this new, unwarranted expansion of surveillance capabilities sought through the control of
encryption technologies.

Figure 1 - Defining the Law Enforcement Problem: Access to Information Online

Business Information

Stored Data:
1. Available via court order just like unencrypted information. Keys for encrypted information
are similarly available via court order.

Communications:
3. Largely available:
• As plaintext stored by communicating parties, available by court order.
• Through decryption keys, available via court order.
• Through other kinds of surveillance.
Remaining problem in real-time interceptions without notice.

Individual Information

Stored Data:
2. Available via court order in most cases, just as unencrypted information. In some situations,
access to encryption keys may be protected by Fifth Amendment privileges.

Communications:
4. Largely available:
• As plaintext stored by communicating parties, largely available by court order.
• Through decryption keys, available via court order.
• Through other kinds of surveillance.
Remaining problem in real-time interceptions without notice.



Conclusion 


Current  U.S.  encryption  policy  fails  to  recognize  the  needs  of  users  and  the  changes  brought  on  by 
the  Internet  Age.  The  Internet  is  not  like  a  phone  system,  so  the  extension  of  wiretapping  authority  to  the 
Internet  is  inappropriate.  The  Internet  is  a  global  medium,  so  centralized  control  schemes  like  current  U.S. 
encryption  policy  are  likely  to  be  ineffective.  And  the  Internet  makes  U.S.  Constitutional  protections  a  local 
ordinance,  so  U.S.  encryption  policy  should  seek  to  guarantee  the  privacy  and  liberty  of  Americans  in  their 
communications  outside  of  the  United  States. 

In the current policy standoff between eroding law enforcement arguments and the emerging and
acute privacy and security needs of the Information Age, Congressional action is needed. Only Congress
is in the position today to change U.S. encryption policy and get Americans the privacy and security tools
they need. The private sector cannot do it. The Administration will not do it. The courts may do it, but not
without a protracted struggle. Congress must act. CDT believes that immediate liberalization of export
controls will help provide Americans on the Internet with the strong security and privacy they so badly
need.


About  the  Center  for  Democracy  and  Technology 

CDT is an independent, non-profit public interest policy organization in Washington, D.C. The
Center's mission is to develop and implement public policies to protect and advance individual liberty and
democratic values in new digital communications media. The Center achieves its goals through policy
development, public education, and coalition building. CDT also coordinates the Digital Privacy and
Security Working Group (DPSWG), an ad hoc coalition of more than 50 computer, communications, and
public interest organizations and associations working on communications privacy issues. In the past,
members of the Working Group have strongly opposed the Administration's Clipper Chip proposals.


For more information contact:

Daniel J. Weitzner, Deputy Director <djw@cdt.org>
Alan B. Davidson, Staff Counsel <abd@cdt.org>
Center for Democracy and Technology
http://www.cdt.org/
+1 202.637.9800 (v)
+1 202.637.0968 (f)

And see the Encryption Policy Resource Page on the World Wide Web:

http://www.crypto.com


1. This paper is drawn largely from the testimony CDT Executive Director Jerry Berman presented to the
Senate Commerce Committee, Science, Technology, and Space Subcommittee hearing on S. 1726 (the
"Pro-CODE Act") on June 20, 1996. The Center wishes to express its thanks to the members of the
Subcommittee, including Senator Burns, Senator Pressler, and Senator Wyden, and the other sponsors of
S. 1726 for their work in support of Internet privacy and security, and to Senator Leahy, who has been a
long-time supporter of efforts to ease encryption controls.

CDT has been particularly concerned that the voice of Internet users be heard in these forums. We
are pleased to have been a part of the Committee's efforts to solicit input for the Pro-CODE hearing via the
World Wide Web. We are also pleased to have worked with HotWired and Digex to make it the first Senate
hearing ever simulcast live over the Internet, making the proceedings accessible to millions worldwide. We
commend the committee for reaching out to the growing community of computer users who care deeply
about this issue.

2. Matt Blaze, et al., Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security:
A Report by an ad hoc group of cryptographers and computer scientists, at 7 (1996) (hereinafter, "The
Cryptographers' Report").

3. John Perry Barlow is often attributed with the phrase, "In cyberspace, the First Amendment is a local
ordinance."

4. No. 96-1458 (E.D.Pa. 1996).

5. See ALA v. Dept. of Justice, No. 96-1458 (E.D.Pa. 1996).

6. National Research Council, Cryptography's Role in Securing the Information Society, at 8-6. (Hereinafter,
"NRC Report".)

7. NRC Report Summary at 12, 13.

8. The Cryptographers' Report, at 5.

9. NRC Report Summary at 1.

10. Id. at 1.

11. Id. at 5.

12. "Had I but serv'd my God with half the zeal
I serv'd my king, he would not in mine age
Have left me naked to mine enemies."
William Shakespeare, Henry VIII, act 3, sc. 2.

13. NRC Report at 8-7.

14. Cryptographer's Report at 5.

15. Id. at 5. See also NRC Summary at 2.

16. Computer Systems Policy Project, The Impact of Export Control Policy on U.S. Competitiveness
(1996). See also NRC Summary at 13.

17. See NRC Report, Appendix D.



